Noninterference requires that there is no information flow from sensitive to public data in a given system. However, many systems release sensitive information as part of their in...
Andrew C. Myers, Andrei Sabelfeld, Steve Zdancewic
Noninterference requires that there is no information flow from sensitive to public data in a given system. However, many systems perform intentional release of sensitive informat...
Andrew C. Myers, Andrei Sabelfeld, Steve Zdancewic
Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Se...
Declassification occurs when the confidentiality of information is weakened; erasure occurs when the confidentiality of information is strengthened, perhaps to the point of comple...
This paper provides a way to specify expressive declassification policies, in particular, when, what, and where policies that include conditions under which downgrading is allowed...
Anindya Banerjee, David A. Naumann, Stan Rosenberg