Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
On Declassification and the Non-Disclosure Policy
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Dimensions and Principles of Declassification
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Localized delimited release: combining the what and where dimensions of information release
Proceedings of the 2007 workshop on Programming languages and analysis for security
Gradual Release: Unifying Declassification, Encryption and Key Release Policies
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Compositional information flow security for concurrent programs
Journal of Computer Security
Tractable Enforcement of Declassification Policies
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Expressive Declassification Policies and Modular Static Enforcement
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Tight Enforcement of Information-Release Policies for Dynamic Languages
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Controlling the what and where of declassification in language-based security
ESOP'07 Proceedings of the 16th European conference on Programming
Flow locks: towards a core calculus for dynamic flow policies
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
A labelling system for derived data control
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Flexible scheduler-independent security
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Scheduler-Independent declassification
MPC'12 Proceedings of the 11th international conference on Mathematics of Program Construction
Precise enforcement of progress-sensitive security
Proceedings of the 2012 ACM conference on Computer and communications security
Journal of Computer Security - CSF 2010
| Hi-index | 0.00 |
Noninterference requires that public outputs of a program must be completely independent from secrets. While this ensures that secrets cannot be leaked, it is too restrictive for many applications. For instance, the output of a knowledge-based authentication mechanism needs to reveal whether an input matches the secret password. The research problem is to allow such exceptions without giving up too much. Though a number of solutions has been developed, the problem is not yet satisfactorily solved. In this article, we propose a framework to control what information is declassified. Our contributions include a policy language, a semantic characterization of information flow security, and a sound security type system. The main technical novelty is the explicit treatment of so called reference points, which allows us to offer substantially more flexible control of what is released than in existing approaches.