Sciweavers

CSFW
2008
IEEE

End-to-End Enforcement of Erasure and Declassification

14 years 2 months ago
End-to-End Enforcement of Erasure and Declassification
Declassification occurs when the confidentiality of information is weakened; erasure occurs when the confidentiality of information is strengthened, perhaps to the point of completely removing the information from the system. This paper shows how to enforce erasure and declassification policies. A combination of a type system that controls information flow and a simple runtime mechanism to overwrite data ensures end-to-end enforcement of policies. We prove that well-typed programs satisfy the semantic security condition noninterference according to policy. We extend the Jif programming language with erasure and declassification enforcement mechanisms and use the resulting language in a large case study of a voting system.
Stephen Chong, Andrew C. Myers
Added 19 Oct 2010
Updated 19 Oct 2010
Type Conference
Year 2008
Where CSFW
Authors Stephen Chong, Andrew C. Myers
Comments (0)