ACM SIGSAC Review - Special issue on Issues '91: data management security and privacy standards
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A sound type system for secure flow analysis
Journal of Computer Security
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
ACM Transactions on Programming Languages and Systems (TOPLAS)
Stack inspection: theory and variants
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Java 2 Network Security
Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation
Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation
Secure Composition of Untrusted Code: Wrappers and Causality Types
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Enforcing Robust Declassification
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Proceedings of the 12th ACM conference on Computer and communications security
Enforcing robust declassification and qualified robustness
Journal of Computer Security - Special issue on CSFW17
Managing Policy Updates in Security-Typed Languages
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Dynamic security labels and static information flow control
International Journal of Information Security
Beyond Stack Inspection: A Unified Access-Control and Information-Flow Security Model
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Automaton-based Confidentiality Monitoring of Concurrent Programs
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Fable: A Language for Enforcing User-defined Security Policies
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Automata-based confidentiality monitoring
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Permissive dynamic information flow analysis
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
| Hi-index | 0.00 |
This paper presents λI, a language for dynamic tracking of information flow across multiple, interdependent dimensions of information. Typical dimensions of interest are integrity and confidentiality. λI supports arbitrary domain-specific policies that can be developed independently. λI treats information-flow metadata as a first-class entity and tracks information flow on the metadata itself (integrity on integrity, integrity on confidentiality, etc.). This paper also introduces IMPOLITE, a novel class of information-flow policies for λI. Unlike many systems, which only allow for absolute-security relations, IMPOLITE can model more realistic security policies based on relative-security relations. IMPOLITE demonstrates how policies on interdependent dimensions of information can be simultaneously enforced within λI's unified framework.