Security-typed languages are powerful tools for provably enforcing noninterference. Real computing systems, however, often intentionally violate noninterference by deliberately releasing (or declassifying) sensitive information. These systems frequently trust cryptographic functions to achieve declassification while still maintaining confidentiality. We introduce the notion of trusted functions that implicitly act as declassifiers within a security-typed language. Proofs of the new language’s soundness and its enforcement of a weakened form of noninterference are given. Additionally, we implement trusted functions used for declassification in the Jif language. This represents a step forward in making security-typed languages more practical ...
Security assurance is an important challenge for modern computing. Intentional information release (...
Information-flow security typing statically prevents confidential information to leak to public cha...
Much work on security-typed languages lacks a satisfactory account of intentional information release...
Language-based approaches to information security have led to the development of security type syste...
Traditional noninterference cannot cope with common features of secure systems like channel control,...
Declassification occurs when the confidentiality of information is weakened; erasure occurs when the...
Language-based information flow methods offer a principled way to enforce strong security properties,...
Security protocols are critical for protecting modern communication infrastructures and are therefor...
While a rigorous information flow analysis is a key step in obtaining meaningful end-to-end conf...
Declassification occurs when the confidentiality of information is weakened; erasure occurs when th...
Information-flow security typing statically preserves confidentiality by enforc...
Information-flow security typing statically prevents confidential information ...