Mediating secure information flow policies

  • Authors: Guo-Qiang Zhang
  • Affiliations: Department of Electrical Engineering and Computer Science, Case Western Reserve University, Cleveland, OH 44106, USA
  • Venue: Information and Computation
  • Year: 2007

Abstract

In this paper, we study secure information flow policies in the sense of Meadows [C. Meadows, Extending the Brewer-Nash model to a multi-level context. IEEE Computer Society Symposium on Research in Security and Privacy (1990) 95-102.] and others for aggregated datasets, collectively. We first present a method for combining different sensitivity levels over a common dataset and investigate its ramifications on information flow policies. Next, safe-flow policies are formulated in full generality using domain-theoretic tools, and systematically derived as closure operators from Scott continuous functions. Maximum safe-flow policies correspond to the top element of the lattice of the derived closure-operator collection. We then introduce a categorical framework for information flow, in which amalgamation is used to formulate and characterize information-flow policy merging. Our methods for mediating information flow policies should be of practical interest for information sharing among multiple agencies. Our formulation of safe-flow policies as closure operators from Scott continuous functions and the associated categorical formulation of safe-flow policy merging provide a sound and general theoretical foundation for the first time for this topic, setting a stage for further development in this area.