Noninterference requires that there is no information flow from sensitive to public data in a given system. However, many systems perform intentional release of sensitive information as part of their correct functioning and therefore violate noninterference. To control information flow while permitting intentional information release, some systems have a downgrading or declassification mechanism. A major danger of such a mechanism is that it may cause unintentional information release. This paper shows that a robustness property can be used to characterize programs in which declassification mechanisms cannot be exploited by attackers to release more information than intended. It describes a simple way to provably enforce this robustness pro...
Information flow controls can be used to protect both data confidentiality and data integrity. The c...
Simple non-interference is too restrictive for specifying and enforcing information flow policies in...
Computing systems often deliberately release (or declassify) sensitive information. A principal secu...
Noninterference requires that there is no information flow from sensitive to public data in a given ...
Language-based approaches to information security have led to the development of security type syste...
AbstractLanguage-based approaches to information security have led to the development of security ty...
In traditional information-flow type systems, the security policy is often formalized as noninterfer...
Language-based approaches to information security have led to the development of security type syste...
Language-based information flow security is a promising approach for enforcement of strong security ...
Security assurance is an important challenge for modern computing. Intentional information release (...
Security assurance is an important challenge for modern computing. Intentional information release (...
AbstractThis paper suggests the following approach for checking whether a program satisfies an infor...
Standard access control mechanisms are often insufficient to enforce compliance of programs with sec...
Traditional noninterference cannot cope with common features of secure systems like channel control,...
Language-based information flow security provides a way to enforce either the baseline noninterferen...
Information flow controls can be used to protect both data confidentiality and data integrity. The c...
Simple non-interference is too restrictive for specifying and enforcing information flow policies in...
Computing systems often deliberately release (or declassify) sensitive information. A principal secu...
Noninterference requires that there is no information flow from sensitive to public data in a given ...
Language-based approaches to information security have led to the development of security type syste...
AbstractLanguage-based approaches to information security have led to the development of security ty...
In traditional information-flow type systems, the security policy is often formalized as noninterfer...
Language-based approaches to information security have led to the development of security type syste...
Language-based information flow security is a promising approach for enforcement of strong security ...
Security assurance is an important challenge for modern computing. Intentional information release (...
Security assurance is an important challenge for modern computing. Intentional information release (...
AbstractThis paper suggests the following approach for checking whether a program satisfies an infor...
Standard access control mechanisms are often insufficient to enforce compliance of programs with sec...
Traditional noninterference cannot cope with common features of secure systems like channel control,...
Language-based information flow security provides a way to enforce either the baseline noninterferen...
Information flow controls can be used to protect both data confidentiality and data integrity. The c...
Simple non-interference is too restrictive for specifying and enforcing information flow policies in...
Computing systems often deliberately release (or declassify) sensitive information. A principal secu...