Information-flow type systems are a promising approach for enforcing strong end-to-end confidentiality and integrity policies. Such policies, however, are usually specified in term of static information—data is labeled high or low security at compile time. In practice, the confidentiality of data may depend on information available only while the system is running. This paper studies language support for run-time principals, a mechanism for specifying information-flow security policies that depend on which principals interact with the system. We establish the basic property of noninterference for programs written in such language, and use run-time principals for specifying run-time authority in downgrading mechanisms such as declassificatio...
Enforcing the confidentiality and integrity of information is critical in distributed applications. ...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Information systems are widespread and used by anyone with computing devices as well as corporation...
Information-flow type systems are a promising approach for enforcing strong end-to-end confidentiali...
Abstract Information-flow type systems are a promising approach for enforcing strong end-to-end conf...
This thesis investigates the specification and the application of dynamic security policies in infor...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
In traditional information-flow type systems, the security policy is often formalized as noninterfer...
Noninterference requires that there is no information flow from sensitive to public data in a given ...
Standard security mechanism such as Access control, Firewall and Encryption only focus on controllin...
<p>Common protection mechanisms fail to provide end-to-end security; programs with legitimate access...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
Confidentiality and integrity are often treated as dual properties in formal models of information-f...
This thesis explores several ways to diversify the field of Information Flow Control. At the heart o...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Enforcing the confidentiality and integrity of information is critical in distributed applications. ...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Information systems are widespread and used by anyone with computing devices as well as corporation...
Information-flow type systems are a promising approach for enforcing strong end-to-end confidentiali...
Abstract Information-flow type systems are a promising approach for enforcing strong end-to-end conf...
This thesis investigates the specification and the application of dynamic security policies in infor...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
In traditional information-flow type systems, the security policy is often formalized as noninterfer...
Noninterference requires that there is no information flow from sensitive to public data in a given ...
Standard security mechanism such as Access control, Firewall and Encryption only focus on controllin...
<p>Common protection mechanisms fail to provide end-to-end security; programs with legitimate access...
Applications that manipulate sensitive information should ensure end-to-end security by satisfying t...
Confidentiality and integrity are often treated as dual properties in formal models of information-f...
This thesis explores several ways to diversify the field of Information Flow Control. At the heart o...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Enforcing the confidentiality and integrity of information is critical in distributed applications. ...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Information systems are widespread and used by anyone with computing devices as well as corporation...