Secure information flow in a multi-threaded imperative language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Noninterference for concurrent programs and thread systems
Theoretical Computer Science
Analysing Approximate Confinement under Uniform Attacks
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Non-Interference: Who Needs It?
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Statically assuring secrecy for dynamic concurrent processes
Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declaritive programming
Enforcing Robust Declassification
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Security policy in a declarative style
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Declassification: Dimensions and principles
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Hi-index | 0.00 |
We address the problem of controlling information leakage in a concurrent declarative programming setting. Our aim is to define formal tools in order to distinguish between authorized, or declared, information flows such as password testing (e.g., ATM, login processes, etc.) and non-authorized ones. We propose to define security policies as rewriting systems. Such policies define how the privacy levels of information evolve. A formal definition of secure processes with respect to a given security policy is given.