Downgrading policies and relaxed noninterference
نویسندگان
چکیده
منابع مشابه
Type Abstraction for Relaxed Noninterference
Information-flow security typing statically prevents confidential information to leak to public channels. The fundamental information flow property, known as noninterference, states that a public observer cannot learn anything from private data. As attractive as it is from a theoretical viewpoint, noninterference is impractical: real systems need to intentionally declassify some information, se...
متن کاملNoninterference with Local Policies
We study non-interference based security in a dynamic setting, where the security policy may depend on the state of the system. More specifically, we 1. provide new definitions of dynamic noninterference security which conform to the intuitive notion of noninterference and give efficient algorithms to decide whether a given system is secure, and 2. obtain a characterization of secure systems us...
متن کاملType Abstraction for Relaxed Noninterference (Artifact)
This artifact is a web interpreter for the ObSec language defined in the companion paper. ObSec is a simple object-oriented language that supports type-based declassification. Type-base declassification exploits the familiar notion of type abstraction to support expressive declassification policies in a simple and expressive manner. 1998 ACM Subject Classification D.4.6 Security and Protection:...
متن کاملNoninterference with Dynamic Security Domains and Policies
Language-based information flow analysis is used to statically examine a program for information flows between objects of different security domains, and to verify these flows follow a given policy. When the program is distributed as mobile code, it may access resources whose domains depend on the client environment, or may face different security policies. In proof-carrying code scenarios, it ...
متن کاملJournal of Information and Computing Science, JIC, Vol1 2006 No2
Security downgrading policies control information flow and permit information release from a high security level to low security level. Many security downgrading policies are treated as declassification. This paper extend security policies to operations than declassification , the security downgrading policies support downgrading in practical software, each downgrading step is annotated with so...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM SIGPLAN Notices
سال: 2005
ISSN: 0362-1340,1558-1160
DOI: 10.1145/1047659.1040319