Information Integrity Policies
نویسندگان
چکیده
Information integrity policies are traditionally enforced by access control mechanisms that prevent unauthorized users from modifying data. However, access control does not provide end-to-end assurance of integrity. For that reason, integrity guarantees in the form of noninterference assertions have been proposed. Despite the appeals of such information-flow based approaches to integrity, that solution is also unsatisfactory because it leads to a weaker notion of integrity than needed
منابع مشابه
Deliverable D 3 . 1 Confidentiality and Integrity Policies
This deliverable reports on the results from the WebSand work package on information-flow control. These results underpin a framework for decentralized confidentiality and integrity policies but also include investigations on how to these policies can be enforced.
متن کاملAnalysis of Integrity Policies using Soft Constraints
An integrity policy de£nes the situations when modi£cation of information is authorized and is enforced by the security mechanisms of the system. However, in a complex application system it is possible that an integrity policy may have been incorrectly speci£ed and, as a result, a user may be authorized to modify information that can lead to an unexpected system compromise. In this paper we out...
متن کاملSIF: Enforcing Confidentiality and Integrity in Web Applications
SIF (Servlet Information Flow) is a novel software framework for building high-assurance web applications, using language-based information-flow control to enforce security. Explicit, end-to-end confidentiality and integrity policies can be given either as compile-time program annotations, or as run-time user requirements. Compile-time and run-time checking efficiently enforce these policies. I...
متن کاملA Semantic Framework for Declassification and Endorsement
Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced declassification mechanisms for relaxing confidentiality policies, and endorsement mechanisms for relaxing integrity policies. However, a continuing challenge has been ...
متن کاملConfiguring Cloud Deployments for Integrity
Many cloud vendors now provide pre-configured OS distributions and network firewall policies to simplify deployment for customers. However, even with this help, customers have little insight into the possible attack paths that adversaries may use to compromise the integrity of their computations on the cloud. In this paper, we leverage the pre-configured security policies for cloud instances to...
متن کامل