POPL '88 Proceedings of the 15th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A syntactic approach to type soundness
Information and Computation
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verifying secrets and relative secrecy
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A sound type system for secure flow analysis
Journal of Computer Security
An Axiomatic Approach to Information Flow in Programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
A lattice model of secure information flow
Communications of the ACM
A note on the confinement problem
Communications of the ACM
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
Stack inspection: theory and variants
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The Definition of Standard ML
Noninterference for concurrent programs and thread systems
Theoretical Computer Science
Information flow inference for ML
ACM Transactions on Programming Languages and Systems (TOPLAS)
Secure Information Flow via Linear Continuations
Higher-Order and Symbolic Computation
Lattice-Based Access Control Models
Computer
Eliminating Covert Flows with Minimum Typings
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Probabilistic Noninterference in a Concurrent Language
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
What is Intransitive Noninterference?
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Secure Introduction of One-Way Functions
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
The enforcement of security policies for computation
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Information transmission in computational systems
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
A New Type System for Secure Information Flow
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Non-Interference: Who Needs It?
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Providing flexibility in information flow control for object oriented systems
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Programming languages for information security
Programming languages for information security
Modelling Downgrading in Information Flow Security
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Semantic models for information flow
Theoretical Computer Science - Mathematical foundations of programming semantics
Security policies for downgrading
Proceedings of the 11th ACM conference on Computer and communications security
Downgrading policies and relaxed noninterference
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A monadic analysis of information flow security with mutable state
Journal of Functional Programming
On Declassification and the Non-Disclosure Policy
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Dimensions and Principles of Declassification
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Enforcing robust declassification and qualified robustness
Journal of Computer Security - Special issue on CSFW17
Handling encryption in an analysis for secure information flow
ESOP'03 Proceedings of the 12th European conference on Programming
Non-disclosure for distributed mobile code
FSTTCS '05 Proceedings of the 25th international conference on Foundations of Software Technology and Theoretical Computer Science
A design for a security-typed language with certificate-based declassification
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
Flow locks: towards a core calculus for dynamic flow policies
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Fair cooperative multithreading: typing termination in a higher-order concurrent imperative language
CONCUR'07 Proceedings of the 18th international conference on Concurrency Theory
Session types for access and information flow control
CONCUR'10 Proceedings of the 21st international conference on Concurrency theory
Non-disclosure for distributed mobile code
Mathematical Structures in Computer Science - Programming Language Interference and Dependence
Typing illegal information flows as program effects
Proceedings of the 7th Workshop on Programming Languages and Analysis for Security
Scheduler-Independent declassification
MPC'12 Proceedings of the 11th international conference on Mathematics of Program Construction
| Hi-index | 0.00 |
We address the issue of declassification in a language-based security approach. We introduce, in a Core ML-like language with concurrent threads, a declassification mechanism that takes the form of a local flow policy declaration. The computation in the scope of such a declaration is allowed to implement information flow according to the local policy. To take into account declassification, and more generally dynamic flow policies, we introduce a generalization of non-interference, that we call the non-disclosure policy, and we design a type and effect system for our language that enforces this policy. Besides dealing with declassification, our type system improves over previous systems for checking information flow in two directions: first, we show that the typing of terminations leaks can be largely improved, by particularizing the case where the alternatives in a conditional branching both terminate. Moreover, we also provide a quite precise way of approximating the confidentiality level of an expression, by ignoring the level of values that are only used for side-effects.