Sciweavers

CSFW
2005
IEEE

Language-Based Information Erasure

14 years 6 months ago
Language-Based Information Erasure
Real computing systems sometimes need to forget sensitive information. This paper explores the specification and semantics of information erasure policies, which impose a strong, end-to-end requirement that information be either erased or made less accessible. Simple lattice-based information flow policies, corresponding to a noninterference requirement, are augmented with the ability to express explicit erasure and declassification policies. Examples are given of applying this expressive policy language to real systems. The paper gives tools for reasoning about policy enforcement either statically or dynamically. Further, the significance of these policies to security is formally explained in terms of trace-based semantic security properties: generalizations of noninterference that accommodate erasure and declassification.
Stephen Chong, Andrew C. Myers
Added 24 Jun 2010
Updated 24 Jun 2010
Type Conference
Year 2005
Where CSFW
Authors Stephen Chong, Andrew C. Myers
Comments (0)