A compiler-based infrastructure for software-protection
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Flow-sensitive semantics for dynamic information flow policies
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
A language for information flow: dynamic tracking in multiple interdependent dimensions
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Paralocks: role-based information flow control and beyond
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Privacy enforcement and analysis for functional active objects
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
Noninterference with dynamic security domains and policies
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
Keeping information safe from social networking apps
Proceedings of the 2012 ACM workshop on Workshop on online social networks
A low-overhead, value-tracking approach to information flow security
SEFM'12 Proceedings of the 10th international conference on Software Engineering and Formal Methods
Noninterference in a predicative polymorphic calculus for access control
Computer Languages, Systems and Structures
This paper presents a language in which information flow is securely controlled by a type system, yet the security class of data can vary dynamically. Information flow policies provide the means to express strong security requirements for data confidentiality and integrity. Recent work on security-typed programming languages has shown that information flow can be analyzed statically, ensuring that programs will respect the restrictions placed on data. However, real computing systems have security policies that cannot be determined at the time of program analysis. For example, a file has associated access permissions that cannot be known with certainty until it is opened. Although one security-typed programming language has included support for dynamic security labels, there has been no demonstration that a general mechanism for dynamic labels can securely control information flow. In this paper, we present an expressive language-based mechanism for reasoning about dynamic security labels. The mechanism is formally presented in a core language based on the typed lambda calculus; any well-typed program in this language is secure because it satisfies noninterference.