Expressive Declassification Policies and Modular Static Enforcement

13 years 11 months ago

Download www.cs.stevens.edu

This paper provides a way to specify expressive declassification policies, in particular, when, what, and where policies that include conditions under which downgrading is allowed. Secondly, an end-to-end semantic property is introduced, based on a model that allows observations of intermediate low states as well as termination. An attacker's knowledge only increases at explicit declassification steps, and within limits set by policy. Thirdly, static enforcement is provided by combining type-checking with program verification techniques applied to the small subprograms that carry out declassifications. Enforcement is proved sound for a simple programming language and the extension to object-oriented programs is described.

Anindya Banerjee, David A. Naumann, Stan Rosenberg

Real-time Traffic

End-to-end Semantic Property | Explicit Declassification Steps | Expressive Declassification Policies | Security Privacy | SP 2008 |

claim paper

Post Info
More Details (n/a)

Added	15 Dec 2010
Updated	15 Dec 2010
Type	Journal
Year	2008
Where	SP
Authors	Anindya Banerjee, David A. Naumann, Stan Rosenberg

Comments (0)

Sciweavers

Expressive Declassification Policies and Modular Static Enforcement

End-to-end Semantic Property | Explicit Declassification Steps | Expressive Declassification Policies | Security Privacy | SP 2008 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers