In systems that handle confidential information, the security policy to enforce on information frequently changes: new users join the system, old users leave, and sensitivity of data changes over time. It is challenging, yet important, to specify what it means for such systems to be secure, and to gain assurance that a system is secure. We present a language-based model for specifying, reasoning about, and enforcing information security in systems that dynamically change the security policy. We specify security for such systems as a simple and intuitive extensional knowledge-based semantic condition: an attacker can only learn information in accordance with the current security policy. Importantly, the semantic condition is parameterized by...
Security assurance is an important challenge for modern computing. Intentional information release (...
AbstractA classic problem in security is that of checking that a program has secure information flow...
This paper explores information flow control in systems in which the security classes of data can va...
Language-based information flow methods offer a principled way to enforcestrong security properties,...
Information flow control and dynamic policies is a difficult relationship yet to be fully understood...
Dynamic updating of information-flow policies Applications that manipulate sensitive information sho...
Security assurance is an important challenge for modern computing. Intentional information release (...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
This thesis investigates the specification and the application of dynamic security policies in infor...
Security policies are naturally dynamic. Reflecting this, there has been a growing interest in study...
This paper presents a language in which information flow is securely controlled by a type system, ye...
This paper presents a language in which information flow is securely controlled by a type system, ye...
This paper presents a language in which information flow is securely controlled by a type system, ye...
Abstract. Language-based security leverages program analysis and program rewriting to enforce securi...
Many computer systems have a functional requirement to release information. Such requirements are an...
Security assurance is an important challenge for modern computing. Intentional information release (...
AbstractA classic problem in security is that of checking that a program has secure information flow...
This paper explores information flow control in systems in which the security classes of data can va...
Language-based information flow methods offer a principled way to enforcestrong security properties,...
Information flow control and dynamic policies is a difficult relationship yet to be fully understood...
Dynamic updating of information-flow policies Applications that manipulate sensitive information sho...
Security assurance is an important challenge for modern computing. Intentional information release (...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
This thesis investigates the specification and the application of dynamic security policies in infor...
Security policies are naturally dynamic. Reflecting this, there has been a growing interest in study...
This paper presents a language in which information flow is securely controlled by a type system, ye...
This paper presents a language in which information flow is securely controlled by a type system, ye...
This paper presents a language in which information flow is securely controlled by a type system, ye...
Abstract. Language-based security leverages program analysis and program rewriting to enforce securi...
Many computer systems have a functional requirement to release information. Such requirements are an...
Security assurance is an important challenge for modern computing. Intentional information release (...
AbstractA classic problem in security is that of checking that a program has secure information flow...
This paper explores information flow control in systems in which the security classes of data can va...