We propose a new sheaf semantics for secure information flow over a space of abstract behaviors, based on synthetic domain theory: security classes are open/closed partitions, types are sheaves, and redaction of sensitive information corresponds to restricting a sheaf to a closed subspace. Our security-aware computational model satisfies termination-insensitive noninterference automatically, and therefore constitutes an intrinsic alternative to state-of-the-art extrinsic/relational models of noninterference. Our semantics is the latest application of Sterling and Harper's recent re-interpretation of phase distinctions and noninterference in programming languages in terms of Artin gluing and topos-theoretic open/closed modalities. Prior applications include parametricity for ML modules, the proof of normalization for cubical type theory by Sterling and Angiuli, and the cost-aware logical framework of Niu et al. In this paper we employ the phase distinction perspective twice: first to reconstruct the syntax and semantics of secure information flow as a lattice of phase distinctions between "higher" and "lower" security, and second to verify the computational adequacy of our sheaf semantics vis-à-vis an extension of Abadi et al.'s dependency core calculus with a construct for declassifying termination channels.
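The abstract names two things a practitioner will want to see side by side: the typing discipline of Abadi et al.'s dependency core calculus (DCC), whose `bind` rule is what rules out explicit flows, and the distinction between termination-insensitive and termination-sensitive noninterference that the declassification construct for termination channels is about. The following is an added example, not code from the paper and not its sheaf semantics: a direct Python reading of DCC's `protected at` judgement and typing rules over a two-point lattice, plus an explicit divergence term so that termination behaviour becomes observable. The lattice, the term constructors, the sample terms `SAFE`, `LEAK` and `TERM_LEAK`, and the small input domain used by the empirical checks are all assumptions made for the example. It shows that `TERM_LEAK` is rejected by plain DCC typing and violates termination-sensitive noninterference, yet satisfies the termination-insensitive notion; that gap is what a termination-channel declassification construct has to account for, though how the paper types such a construct is not shown here.

```python
"""Minimal model of the dependency core calculus (DCC) typing discipline on a
two-point lattice L < H, plus an explicit divergence term, to show what
termination-insensitive noninterference (TINI) does and does not rule out.
Added illustration, not the paper's sheaf semantics; all names are assumed."""
from collections import namedtuple
from itertools import product

LEQ = {("L", "L"), ("L", "H"), ("H", "H")}  # lattice: L (public) below H (secret)
INT = "Int"  # types: INT or the DCC monad T_l tau, encoded as ("T", l, tau)

def protected(tau, lvl):
    """DCC's `tau protected at lvl`: T_l' tau qualifies when lvl <= l' or when
    tau itself is protected at lvl; a bare Int never is."""
    if tau == INT:
        return False
    _, l2, inner = tau
    return (lvl, l2) in LEQ or protected(inner, lvl)

# Terms: Eta is the unit of T_l, Bind is DCC's `bind x = rhs in body`,
# Diverge stands for a non-terminating term and may be given any type.
Lit = namedtuple("Lit", "n")
Var = namedtuple("Var", "x")
Add = namedtuple("Add", "a b")
IfZero = namedtuple("IfZero", "cond then els")
Eta = namedtuple("Eta", "lvl body")
Bind = namedtuple("Bind", "x rhs body")
Diverge = namedtuple("Diverge", "tau")

class IllTyped(Exception): pass
class Diverges(Exception): pass

def typeof(t, ctx):
    """Type checker; Bind enforces that the body is protected at the secret's level."""
    if isinstance(t, Lit):
        return INT
    if isinstance(t, Var):
        return ctx[t.x]
    if isinstance(t, Add):
        if (typeof(t.a, ctx), typeof(t.b, ctx)) != (INT, INT):
            raise IllTyped("Add expects Int operands")
        return INT
    if isinstance(t, IfZero):
        tc, tt, te = (typeof(e, ctx) for e in t)
        if tc != INT or tt != te:
            raise IllTyped("IfZero needs an Int scrutinee and agreeing branches")
        return tt
    if isinstance(t, Eta):
        return ("T", t.lvl, typeof(t.body, ctx))
    if isinstance(t, Bind):
        rt = typeof(t.rhs, ctx)
        if rt == INT:
            raise IllTyped("bind needs a T_l value")
        _, lvl, inner = rt
        bt = typeof(t.body, {**ctx, t.x: inner})
        if not protected(bt, lvl):
            raise IllTyped(f"result type {bt} is not protected at {lvl}")
        return bt
    return t.tau  # Diverge carries its own type annotation

def well_typed(t, ctx):
    try:
        return typeof(t, ctx) is not None
    except IllTyped:
        return False

def evaluate(t, env):
    """Operational semantics; as in DCC the monad is erased at runtime."""
    if isinstance(t, Lit):
        return t.n
    if isinstance(t, Var):
        return env[t.x]
    if isinstance(t, Add):
        return evaluate(t.a, env) + evaluate(t.b, env)
    if isinstance(t, IfZero):
        return evaluate(t.then if evaluate(t.cond, env) == 0 else t.els, env)
    if isinstance(t, Eta):
        return evaluate(t.body, env)
    if isinstance(t, Bind):
        return evaluate(t.body, {**env, t.x: evaluate(t.rhs, env)})
    raise Diverges()  # Diverge never produces a value

def observations(t, secrets):
    """Outcomes of t over all small-domain values of the secrets; None = no output."""
    outs = set()
    for vals in product(range(-2, 3), repeat=len(secrets)):
        try:
            outs.add(evaluate(t, dict(zip(secrets, vals))))
        except Diverges:
            outs.add(None)
    return outs

def tini(t, secrets):  # terminating runs must agree; divergence is ignored
    return len(observations(t, secrets) - {None}) <= 1
def tsni(t, secrets):  # divergence itself counts as an observation
    return len(observations(t, secrets)) <= 1

# Constructed sample terms over one secret input s : T_H Int.
CTX = {"s": ("T", "H", INT)}
SAFE = Bind("x", Var("s"), Eta("H", Add(Var("x"), Lit(1))))  # T_H Int
LEAK = Bind("x", Var("s"), Eta("L", Var("x")))               # T_L Int, copies s
TERM_LEAK = Bind("x", Var("s"), IfZero(Var("x"), Diverge(("T", "L", INT)),
                                      Eta("L", Lit(0))))     # T_L Int, leaks s == 0
```

The empirical checks `tini` and `tsni` are only meaningful for terms whose result type is observable at L (here `T_L Int`); `SAFE` is well typed but lands in `T_H Int`, so an L observer is not entitled to see its value at all. `LEAK` is rejected by the checker and fails both checks; `TERM_LEAK` is also rejected, fails `tsni` because divergence reveals whether `s == 0`, but passes `tini`, which is exactly the weaker guarantee the abstract claims its model enforces automatically.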