Specifying and Enforcing a Fine-Grained Information Flow Policy: Model and Experiments
نویسندگان
چکیده
In this paper we present a model for defining and enforcing a fine-grained information flow policy. We describe how the policy can be enforced on a typical computer and present experiments using the proposed model. A key feature of the model is that it allows the expression of rules which detail precisely which information elements are allowed to mix together. For example, the model allows the expression of a policy which forbids a doctor from mixing the personal medical details of the patients. The enforcement mechanisms tracks and records information flows within the system so that dynamic changes to the policy can be made with respect to information elements which may have propagated to different locations in the system.
منابع مشابه
Fine-Grained Control-Flow Integrity Through Binary Hardening
Applications written in low-level languages without type or memory safety are prone to memory corruption. Attackers gain code execution capabilities through memory corruption despite all currently deployed defenses. Control-Flow Integrity (CFI) is a promising security property that restricts indirect control-flow transfers to a static set of well-known locations. We present Lockdown, a modular,...
متن کاملRun-time Monitoring and Formal Analysis of Information Flows in Chromium
Web browsers are a key enabler of a wide range of online services, from shopping and email to banking and health services. Because these services frequently involve handling sensitive data, a wide range of web browser security policies and mechanisms has been implemented or proposed to mitigate the dangers posed by malicious code and sites. This paper describes an approach for specifying and en...
متن کاملA Two-Tier Sandbox Architecture to Enforce Modular Fine-Grained Security Policies for Untrusted JavaScript
Existing approaches to providing security for untrusted JavaScript include isolation of capabilities – a.k.a. sandboxing. Features of the JavaScript language conspire to make this nontrivial, and isolation normally requires complex filtering, transforming and wrapping untrusted code to restrict the code to a manageable subset. The latest JavaScript specification (ECMAScript 5) has been modified...
متن کاملProtecting Private Web Content from Embedded Scripts
Many web pages display personal information provided by users. The goal of this work is to protect that content from untrusted scripts that are embedded in host pages. We present a browser modification that provides fine-grained control over what parts of a document are visible to different scripts, and executes untrusted scripts in isolated environments where private information is not accessi...
متن کاملThe Effect of Geopolymerization on the Unconfined Compressive Strength of Stabilized Fine-grained Soils
This study focuses on evaluating the unconfined compressive strength (UCS) of improved fine-grained soils. A large database of unconfined compressive strength of clayey soil specimens stabilized with fly ash and blast furnace slag based geopolymer were collected and analyzed. Subsequently, using adaptive neuro fuzzy inference system (ANFIS), a model has been developed to assess the UCS of stabi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- JoWUA
دوره 1 شماره
صفحات -
تاریخ انتشار 2010