Declassification occurs when the confidentiality of information is weakened; erasure occurs when the confidentiality of information is strengthened, perhaps to the point of completely removing the information from the system. This paper shows how to enforce erasure and declassification policies. A combination of a type system that controls information flow and a simple runtime mechanism to overwrite data ensures end-to-end enforcement of policies. We prove that well-typed programs satisfy the semantic security condition noninterference according to policy. We extend the Jif programming language with erasure and declassification enforcement mechanisms and use the resulting language in a large case study of a voting system
Language-based approaches to information security have led to the development of security type syste...
Language-based information flow methods offer a principled way to enforcestrong security properties,...
Language-based information flow security is a promising approach for enforcement of strong security ...
Declassification occurs when the confidentiality of informa-tion is weakened; erasure occurs when th...
Information erasure is a formal security requirement that stipulates when sensitive data must be rem...
AbstractLanguage-based approaches to information security have led to the development of security ty...
Language-based approaches to information security have led to the development of security type syste...
Security-typed languages are powerful tools for provably enforcing noninterference. Real computing s...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Language-based information flow security provides a way to enforce either the baseline noninterferen...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Noninterference requires that there is no information flow fromsensitive to public data in a given s...
Security assurance is an important challenge for modern computing. Intentional information release (...
Many modern online services require sensitive data to complete their tasks. For this reason, guarant...
Abstract. We develop a language-based approach for modeling and verifying aspects of privacy policie...
Language-based approaches to information security have led to the development of security type syste...
Language-based information flow methods offer a principled way to enforcestrong security properties,...
Language-based information flow security is a promising approach for enforcement of strong security ...
Declassification occurs when the confidentiality of informa-tion is weakened; erasure occurs when th...
Information erasure is a formal security requirement that stipulates when sensitive data must be rem...
AbstractLanguage-based approaches to information security have led to the development of security ty...
Language-based approaches to information security have led to the development of security type syste...
Security-typed languages are powerful tools for provably enforcing noninterference. Real computing s...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Language-based information flow security provides a way to enforce either the baseline noninterferen...
We address the issue of declassification in a language-based security approach. We introduce, in a C...
Noninterference requires that there is no information flow fromsensitive to public data in a given s...
Security assurance is an important challenge for modern computing. Intentional information release (...
Many modern online services require sensitive data to complete their tasks. For this reason, guarant...
Abstract. We develop a language-based approach for modeling and verifying aspects of privacy policie...
Language-based approaches to information security have led to the development of security type syste...
Language-based information flow methods offer a principled way to enforcestrong security properties,...
Language-based information flow security is a promising approach for enforcement of strong security ...