Security policies for downgrading

Stephen Chong, Andrew C. Myers
2004 Proceedings of the 11th ACM conference on Computer and communications security - CCS '04  
A long-standing problem in information security is how to specify and enforce expressive security policies that control information flow while also permitting information release (i.e., declassification) where appropriate. This paper presents security policies for downgrading and a security type system that incorporates them, allowing secure downgrading of information through an explicit declassification operation. Examples are given showing that the downgrading policy language captures useful
more » ... spects of designer intent. These policies are connected to a semantic security condition that generalizes noninterference, and the type system is shown to enforce this security condition.
doi:10.1145/1030083.1030110 dblp:conf/ccs/ChongM04 fatcat:xtnq3aqow5azfcdpz2bx25sizm