Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: CSFW17
Guest editors: Riccardo Focardi
Article type: Research Article
Authors: Myers, Andrew C.a | Sabelfeld, Andreib; * | Zdancewic, Stevec
Affiliations: [a] Department of Computer Science, Cornell University, USA. E-mail: andru@cs.cornell.edu | [b] Department of Computer Science, Chalmers University of Technology, Sweden. E-mail: andrei@cs.chalmers.se | [c] Department of Computer and Information Science, University of Pennsylvania, USA. E-mail: stevez@cis.upenn.edu
Note: [*] This work was partly done while the author was at Cornell University.
Abstract: Noninterference requires that there is no information flow from sensitive to public data in a given system. However, many systems release sensitive information as part of their intended function and therefore violate noninterference. To control information flow while permitting information release, some systems have a downgrading or declassification mechanism, but this creates the danger that it may cause unintentional information release. This paper shows that a robustness property can be used to characterize programs in which declassification mechanisms cannot be controlled by attackers to release more information than intended. It describes a simple way to provably enforce this robustness property through a type-based compile-time program analysis. The paper also presents a generalization of robustness that supports upgrading (endorsing) data integrity.
Keywords: Computer security, confidentiality, integrity, information flow, noninterference, security-type systems, security policies, declassification, endorsement
DOI: 10.3233/JCS-2006-14203
Journal: Journal of Computer Security, vol. 14, no. 2, pp. 157-196, 2006
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl