A Model for Delimited Information Release
نویسندگان
چکیده
Much work on security-typed languages lacks a satisfactory account of intentional information release. In the context of confidentiality, a typical security guarantee provided by security type systems is noninterference, which allows no information flow from secret inputs to public outputs. However, many intuitively secure programs do allow some release, or declassification, of secret information (e.g., password checking, information purchase, and spreadsheet computation). Noninterference fails to recognize such programs as secure. In this respect, many security type systems enforcing noninterference are impractical. On the other side of the spectrum are type systems designed to accommodate some information leakage. However, there is often little or no guarantee about what is actually being leaked. As a consequence, such type systems are vulnerable to laundering attacks, which exploit declassification mechanisms to reveal more secret data than intended. To bridge this gap, this paper introduces a new security property, delimited release, an end-to-end guarantee that declassification cannot be exploited to construct laundering attacks. In addition, a security type system is given that straightforwardly and provably enforces delimited release.
منابع مشابه
Dependency-Based Information Flow Analysis with Declassification in a Program Logic
We present a deductive approach for the analysis of secure information flows with support for fine-grained policies that include declassifications in the form of delimited information release. By explicitly tracking the dependencies of program locations as a computation history, we maintain high precision, while avoiding the need for comparing independent program runs. By considering an explici...
متن کاملInformation Declassification for Multi-Threaded Programs
Information declassification aims for trusted release of secret information to public environment. Existing security specifications and enforcement mechanisms of declassification policies have focused on sequential programs. This paper generalized the specification of gradually delimited release policy for sequential programs to the security condition suited for multi-threaded programs. This se...
متن کاملطراحی الگوی اصول محرمانگی اطلاعات پرونده سلامت الکترونیک برای ایران - 1386
Introduction: Today increasing growing of health information is results in applying of new technologies for suite manages and utilization of information technologies such as electronic health record. A growing capacity of information technologies in collection, storage and transmission of information has added a great deal of concerns since electronic records can be accessed by numerous consume...
متن کاملThis Report Has Been Delimited and Cleared for Public Release under Dod Directive 5200,20 and No Restrictions Are Imposed upon Its Use and Disclosure, Distribution Statement a Approved for Public Release; Distribution Unlimited,
متن کامل
A fuzzy mixed-integer goal programming model for a parallel machine scheduling problem with sequence-dependent setup times and release dates
This paper presents a new mixed-integer goal programming (MIGP) model for a parallel machine scheduling problem with sequence-dependent setup times and release dates. Two objectives are considered in the model to minimize the total weighted flow time and the total weighted tardiness simultaneously. Due to the com-plexity of the above model and uncertainty involved in real-world scheduling probl...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2003