A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
Enforcing Robust Declassification and Qualified Robustness
2006
Journal of Computer Security
Preserved Fulltext
It describes a simple way to provably enforce this robustness property through a type-based compile-time program analysis. ...
This paper shows that a robustness property can be used to characterize programs in which declassification mechanisms cannot be controlled by attackers to release more information than intended. ...
Acknowledgments Thanks are due to David Naumann, David Sands, Stephen Chong, Daniel Hedin, Fred Schneider, and the anonymous reviewers for their useful feedback. ...
doi:10.3233/jcs-2006-14203
fatcat:tnahsmwtnfb7tfwx5g2aqfg6q4
It's My Privilege: Controlling Downgrading in DC-Labels
[chapter]
2015
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We extend DC-labels with the novel notions of bounded privileges and robust privileges. Bounded privileges specify and enforce upper and lower bounds on the labels of data that may be downgraded. ...
We provide sound and complete run-time security checks to ensure downgrading operations are robust. ...
[16] enforce robust declassification with a security type system [19, 24] , and introduce qualified robustness, which extends the concept to reason about endorsement. ...
doi:10.1007/978-3-319-24858-5_13
fatcat:3elaa6lgfnbcpgjg4rmtzhtq4y
A Semantic Framework for Declassification and Endorsement
[chapter]
2010
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
The framework is flexible enough to recover and to improve on the previously introduced notions of robustness and qualified robustness. ...
This approach yields novel security conditions for checked endorsements and robust integrity. ...
The prior work also develops type systems for enforcing robust declassification, which are implemented as part of Jif [15] . However, the security conditions for robustness are not satisfactory. ...
doi:10.1007/978-3-642-11957-6_5
fatcat:nd72zgaapnflbie4fiw2qgee2u
Nonmalleable Information Flow Control
2017
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security - CCS '17
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
robust declassification and transparent endorsement. ...
Robust declassification appeared to break the duality of confidentiality and integrity by making confidentiality depend on integrity, but transparent endorsement makes integrity depend on confidentiality ...
Rx constrains updates to roles similarly to previous type systems that enforce robust declassification and qualified robustness but does not prevent opaque endorsements. ...
doi:10.1145/3133956.3134054
dblp:conf/ccs/CecchettiMA17
fatcat:m6argfqthfcxdpjfkvnrnqqeii
Declassification: Dimensions and principles
2009
Journal of Computer Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2013; you can also visit the original URL.
The file type is application/pdf.
With a general declassification framework as a long-term goal, we identify some prudent principles of declassification. ...
These principles shed light on existing definitions and may also serve as useful "sanity checks" for emerging models. ...
Myers and Pablo Giambiagi for fruitful discussions. ...
doi:10.3233/jcs-2009-0352
fatcat:c6ngeq6bbrgnvfdc6r3jjqz77a
Attacker Control and Impact for Confidentiality and Integrity
2011
Logical Methods in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Other Versions
The framework is flexible enough to recover and to improve on the previously introduced notions of robustness and qualified robustness. ...
This approach yields novel security conditions for checked endorsements and robust integrity. ...
The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies ...
doi:10.2168/lmcs-7(3:17)2011
fatcat:ondjnwnxffdkjad5d6rvinymsa
Nonmalleable Information Flow: Technical Report
[article]
2017
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
robust declassification and transparent endorsement. ...
Robust declassification appeared to break the duality of confidentiality and integrity by making confidentiality depend on integrity, but transparent endorsement makes integrity depend on confidentiality ...
Tom Magrino, Yizhou Zhang, and the anonymous reviewers gave us useful feedback on the paper. Funding for this work was provided by NSF grants 1513797 and 1524052, and by a gift from Google. ...
arXiv:1708.08596v2
fatcat:5ycmxwn2rvfylcelme2brkbulq
A Model for Delimited Information Release
[chapter]
2004
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2005; you can also visit the original URL.
The file type is application/pdf.
In addition, a security type system is given that straightforwardly and provably enforces delimited release. ...
However, many intuitively secure programs do allow some release, or declassification, of secret information (e.g., password checking, information purchase, and spreadsheet computation). ...
Acknowledgment Thanks are due to Fabio Martinelli, David Sands, Eijiro Sumii, and Steve Zdancewic for helpful comments. ...
doi:10.1007/978-3-540-37621-7_9
fatcat:sr33oc572ncu3f4zsjewml6cim
A Dependently Typed Library for Static Information-Flow Control in Idris
[chapter]
2019
Research Series on the Chinese Dream and China's Development Path
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Other Versions
Finally, we show novel and powerful means of specifying statically enforced declassification policies using dependent types. ...
Pure functional programming languages, like Haskell, make it possible to enforce lightweight information-flow control through libraries like MAC by Russo. ...
Thanks are due to Mathias Vorreiter Pedersen, Bas Spitters, Alejandro Russo, and Marco Vassena for their valuable insights and the anonymous reviewers for their comments on this paper. ...
doi:10.1007/978-3-030-17138-4_3
dblp:conf/post/GregersenTA19
fatcat:6czmxk7yubhjpoy5jlmlkgps4e
Flow-Limited Authorization
2015
2015 IEEE 28th Computer Security Foundations Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Enforcing the confidentiality and integrity of information is critical in distributed applications. ...
Flame uses type-level constraints and monadic effects to statically enforce flow-limited authorization for Haskell programs in a modular way. ...
One of these approaches, robust privileges, is conjectured to enforce a property analogous to robust declassification and qualified robustness in the DLM. ...
doi:10.1109/csf.2015.42
dblp:conf/csfw/ArdenLM15
fatcat:sxrbaf5vyffyfdhafjvqnqmyry
A Calculus for Flow-Limited Authorization
2016
2016 IEEE 29th Computer Security Foundations Symposium (CSF)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
These guarantees include noninterference and robust declassification, which prevent attackers from influencing information disclosures in unauthorized ways. ...
We prove these security properties formally for all FLAC programs and explore the expressiveness of FLAC with several examples. ...
ACKNOWLEDGMENTS We thank Mike George, Elaine Shi, and Fred Schneider for helpful discussions, our anonymous reviewers for their comments and suggestions, and Jed Liu and Matt Stillerman for feedback on ...
doi:10.1109/csf.2016.17
dblp:conf/csfw/ArdenM16
fatcat:mplpyj3r4bef5ip6ojubabceem
Abstract non-interference
2004
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages - POPL '04
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2011; you can also visit the original URL.
The file type is application/pdf.
and reasoning about information-flow in programming languages. ...
Due to its semantic-based approach and the generality of abstract interpretation and non-interference notions, abstract non-interference can be fairly considered as a unifying theory for understanding ...
The key point of this paper is the proof that both robust and qualified declassification can be enforced by a compile-time program analysis based on a simple type system. ...
doi:10.1145/964001.964017
dblp:conf/popl/GiacobazziM04
fatcat:ne3s25yfdvcz5ojkzbi6nqg36q
Secure multi-execution: Fine-grained, declassification-aware, and transparent
2016
Journal of Computer Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Third, we introduce a declassification model for secure multi-execution that allows expressing what information can be released and where it can be released. ...
Secure multi-execution (SME) is an elegant way to enforce security by executing a given program multiple times, once for each security level, while carefully dispatching inputs and ensuring that an execution ...
Acknowledgments Thanks are due to Frank Piessens for generous feedback, and to Daniel Hedin, and David Sands for the useful discussions. ...
doi:10.3233/jcs-150541
fatcat:mwi3i4rod5bu3io4ltlfb2eq5u
Secure Multi-execution: Fine-Grained, Declassification-Aware, and Transparent
2013
2013 IEEE 26th Computer Security Foundations Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Third, we introduce a declassification model for secure multi-execution that allows expressing what information can be released and where it can be released. ...
Secure multi-execution (SME) is an elegant way to enforce security by executing a given program multiple times, once for each security level, while carefully dispatching inputs and ensuring that an execution ...
Acknowledgments Thanks are due to Frank Piessens for generous feedback, and to Daniel Hedin, and David Sands for the useful discussions. ...
doi:10.1109/csf.2013.10
dblp:conf/csfw/RafnssonS13
fatcat:rfhzsmmqonaqvcb46vyqilzivm
Sharing Mobile Code Securely with Information Flow Control
2012
2012 IEEE Symposium on Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We show that these constraints offer principled enforcement of strong security while avoiding the limitations of current mobile-code security mechanisms. ...
IEEE Symposium on Security and Privacy ...
Danfeng Zhang improved declassification and error reporting. ...
doi:10.1109/sp.2012.22
dblp:conf/sp/ArdenGLVAM12
fatcat:srz5xyq3avdlfn2shojv4l4zka
« Previous
Showing results 1 — 15 out of 171 results