Flow Locks: Towards a Core Calculus for Dynamic Flow Policies
نویسندگان
چکیده
Security is rarely a static notion. What is considered to be confidential or untrusted data varies over time according to changing events and states. The static verification of secure information flow has been a popular theme in recent programming language research, but information flow policies considered are based on multilevel security which presents a static view of security levels. In this paper we introduce a very simple mechanism for specifying dynamic information flow policies, flow locks, which specify conditions under which data may be read by a certain actor. The interface between the policy and the code is via instructions which open and close flow locks. We present a type and effect system for an ML-like language with references which permits the completely static verification of flow lock policies, and prove that the system satisfies a semantic security property generalising noninterference. We show that this simple mechanism can represent a number of recently proposed information flow paradigms for declassification.
منابع مشابه
Dynamic Security Labels and Noninterference
This paper explores information flow control in systems in which the security classes of data can vary dynamically. Information flow policies provide the means to express strong security requirements for data confidentiality and integrity. Recent work on security-typed programming languages has shown that information flow can be analyzed statically, ensuring that programs will respect the restr...
متن کاملThe Effects of Different SDE Calculus on Dynamics of Nano-Aerosols Motion in Two Phase Flow Systems
Langevin equation for a nano-particle suspended in a laminar fluid flow was analytically studied. The Brownian motion generated from molecular bombardment was taken as a Wiener stochastic process and approximated by a Gaussian white noise. Euler-Maruyama method was used to solve the Langevin equation numerically. The accuracy of Brownian simulation was checked by performing a series of simulati...
متن کاملNaoki Kobayashi Type - Based Information Flow Analysis for the Pi - Calculus
We propose a new type system for information flow analysis for the π-calculus. As demonstrated by recent studies, information about whether each communication succeeds is important for precise information flow analysis for concurrent programs. By collecting such information using ideas of our previous type systems for deadlock/livelock-freedom, our type system can perform more precise analysis ...
متن کاملA Fully Integrated Method for Dynamic Rock Type Characterization Development in One of Iranian Off-Shore Oil Reservoir
Rock selection in modeling and simulation studies is usually based on two techniques; routinely defined rock types and those defined by special core analysis (SCAL). The challenge in utilizing these two techniques is that they are frequently assumed to be the same, but in practice, static rock-types (routinely defined) are not always representative of dynamic rock-types (SCAL defined) in the re...
متن کاملSecure Data Flow in a Calculus for Context Awareness
We present a Mobile-Ambients-based process calculus to describe context-aware computing in an infrastructure-based Ubiquitous Computing setting. In our calculus, computing agents can provide and discover contextual information and are owners of security policies. Simple access control to contextual information is not sufficient to insure confidentiality in Global Computing, therefore our securi...
متن کامل