Complete, safe information flow with decentralized labels
- 27 November 2002
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- No. 10816011, p. 186-197
- https://doi.org/10.1109/secpri.1998.674834
Abstract
The growing use of mobile code in downloaded applications and servlets has increased interest in robust mechanisms for ensuring privacy and secrecy. Information flow control is intended to directly address privacy and secrecy concerns, but most information flow models are too restrictive to be widely used. The decentralized label model is a new information flow model that extends traditional models with per-principal information flow policies and also permits a safe form of declassification. This paper extends this new model further, making it more flexible and expressive. We define a new formal semantics for decentralized labels and a corresponding new rule for relabeling data that is both sound and complete. We also show that these extensions preserve the ability to statically check information flow.
This publication has 20 references indexed in Scilit:
- Secrecy by typing in security protocols. Published by Springer Nature, 1997
- Provably-secure programming languages for remote evaluation. ACM SIGPLAN Notices, 1997
- Elements of style: analyzing a software design feature with a counterexample detector. IEEE Transactions on Software Engineering, 1996
- Trust in the λ-calculus. Published by Springer Nature, 1995
- Multilevel security in the UNIX tradition. Software: Practice and Experience, 1992
- An Axiomatic Approach to Information Flow in Programs. ACM Transactions on Programming Languages and Systems, 1980
- A language extension for expressing constraints on data access. Communications of the ACM, 1978
- Certification of programs for secure information flow. Communications of the ACM, 1977
- A lattice model of secure information flow. Communications of the ACM, 1976
- Protection and the control of information sharing in Multics. Communications of the ACM, 1974