Information-Flow Security for Concurrent Programs: Pitfalls, Solutions,
and Challenges


Today's IT-systems store and process an abundance of data.  Some of
this data represents private or secret information, and a crucial
question is how to ensure that no such information is leaked.

We focus on techniques that establish confidentiality guarantees by
controlling the flow of information within IT-systems.  Research on
information-flow security has resulted in an impressive portfolio of
program analysis techniques and tools.  For sequential programs, these
approaches are becoming rather mature, and a good understanding of the
resulting, declarative security guarantees has been achieved.  For
concurrent programs, information-flow security is more challenging.

The first part of the talk provides an introduction to theory and
practice of information-flow control.  The second part clarifies why
it is so hard to achieve information-flow security for concurrent
programs, and discusses recent results from our on-going research
effort to tackle these challenges.