This paper presents an embedded security sublanguage for enforcing informationflow policies in the standard Haskell programming language. The sublanguage provides useful informat...
We present a discretionary access control framework that can be used to control a principal’s ability to link information from two or more audit records and compromise a user’...
In many systems, items of information have owners associated with them. An owner of an item of information may want the system to enforce a policy that restricts use of that infor...
Access control mechanisms are widely used with the intent of enforcing confidentiality and other policies, but few formal connections have been made between information flow and...
Abstract: We report on ongoing work towards a posteriori detection of illegal information flows for business processes, focusing on the challenges involved in doing so. Resembling ...