Secure information flow as a safety problem

被引:0
|
作者
Terauchi, T
Aiken, A
机构
[1] Univ Calif Berkeley, EECS Dept, Berkeley, CA 94720 USA
[2] Stanford Univ, Comp Sci Dept, Stanford, CA USA
来源
STATIC ANALYSIS, PROCEEDINGS | 2005年 / 3672卷
关键词
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
The termination insensitive secure information flow problem can be reduced to solving a safety problem via a simple program transformation. Barthe, D'Argenio, and Rezk coined the term "self-composition" to describe this reduction. This paper generalizes the self-compositional approach with a form of information downgrading recently proposed by Li and Zdancewic. We also identify a problem with applying the self-compositional approach in practice, and we present a solution to this problem that makes use of more traditional type-based approaches. The result is a framework that combines the best of both worlds, i.e., better than traditional type-based approaches and better than the self-compositional approach.
引用
收藏
页码:352 / 367
页数:16
相关论文
共 50 条
  • [31] Verifying Secure Information Flow in Federated Clouds
    Zeng, Wen
    Koutny, Maciej
    Watson, Paul
    2014 IEEE 6TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE (CLOUDCOM), 2014, : 78 - 85
  • [32] Information Flow Control for Secure Cloud Computing
    Bacon, Jean
    Eyers, David
    Pasquier, Thomas F. J. -M.
    Singh, Jatinder
    Papagiannis, Ioannis
    Pietzuch, Peter
    IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2014, 11 (01): : 76 - 89
  • [33] Secure information flow by self-composition
    Barthe, Gilles
    D'Argenio, Pedro R.
    Rezk, Tamara
    MATHEMATICAL STRUCTURES IN COMPUTER SCIENCE, 2011, 21 (06) : 1207 - 1252
  • [34] Secure information flow with random assignment and encryption
    School of Computing and Information Sciences, Florida International University, Miami, FL 33199, United States
    Proc. Fourth ACM Workshop Formal Methods Secur. Eng. FMSE Conf.Comput. Commun. Secur., 2006, (33-44):
  • [35] Stream Processing with Secure Information Flow Constraints
    Ray, Indrakshi
    Adaikkalavan, Raman
    Xie, Xing
    Gamble, Rose
    DATA AND APPLICATIONS SECURITY AND PRIVACY XXIX, 2015, 9149 : 311 - 329
  • [36] A uniform type structure for secure information flow
    Honda, Kohei
    Yoshida, Nobuko
    ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, 2007, 29 (06):
  • [37] Engineering Policies for Secure Interorganizational Information Flow
    Kunz, Steffen
    Fabian, Benjamin
    Marx, Daniel
    Mueller, Sebastian
    2011 15TH IEEE INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE WORKSHOPS (EDOC 2011), 2011, : 438 - 447
  • [38] Secure Refactoring with Java']Java Information Flow
    Helke, Steffen
    Kammuller, Florian
    Probst, Christian W.
    DATA PRIVACY MANAGEMENT, AND SECURITY ASSURANCE, 2016, 9481 : 264 - 272
  • [39] Secure information flow via linear continuations
    Zdancewic, Steve
    Myers, Andrew C.
    Higher-Order and Symbolic Computation, 2002, 15 (2-3) : 209 - 234
  • [40] Safety, Closure, and the Flow of Information
    Jens Kipper
    Erkenntnis, 2016, 81 : 1109 - 1126
12345