Programming Ruby: the pragmatic programmer's guide
Programming Ruby: the pragmatic programmer's guide
Certification of programs for secure information flow
Communications of the ACM
SAS '99 Proceedings of the 6th International Symposium on Static Analysis
Learning Python
Practical Mod_PERL
Language-Based Information Erasure
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Dynamic Taint Propagation for Java
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Data remanence in semiconductor devices
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Proceedings of the 2008 ACM symposium on Information, computer and communications security
End-to-End Enforcement of Erasure and Declassification
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Measuring channel capacity to distinguish undue influence
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Expressive and enforceable information security policies
Expressive and enforceable information security policies
Towards a times-based usage control model
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Just forget it: the semantics and enforcement of information erasure
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
A semantic hierarchy for erasure policies
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Secure multi-execution in haskell
PSI'11 Proceedings of the 8th international conference on Perspectives of System Informatics
Hi-index | 0.00 |
Security or privacy-critical applications often require access to sensitive information in order to function. But in accordance with the principle of least privilege --- or perhaps simply for legal compliance --- such applications should not retain said information once it has served its purpose. In such scenarios, the timely disposal of data is known as an information erasure policy . This paper studies software-level information erasure policies for the data manipulated by programs. The paper presents a new approach to the enforcement of such policies. We adapt ideas from dynamic taint analysis to track how sensitive data sources propagate through a program and erase them on demand. The method is implemented for Python as a library, with no modifications to the runtime system. The library is easy to use, and allows programmers to indicate information-erasure policies with only minor modifications to their code.