Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ESOP
2005
Springer
2005
Springer
Programming with Explicit Security Policies
Are computing systems trustworthy? To answer this, we need to know three things: what the systems are supposed to do, what they are not supposed to do, and what they actually do. All three are problematic. There is no expressive, practical way to specify what systems must do and must not do. And if we had a specification, it would likely be infeasible to show that existing computing systems satisfy it. The alternative is to design it in from the beginning: accompany programs with explicit, machine-checked security policies, written by programmers as part of program development. Trustworthy systems must safeguard the end-to-end confidentiality, integrity, and availability of information they manipulate. We currently lack both sufficiently expressive specifications for these information security properties, and sufficiently accurate methods for checking them. Fortunately there has been progress on both fronts. First, information security policies can be made more expressive than sim...
Real-time TrafficComputing Systems | ESOP 2005 | Information Security Policies | Programming Languages | Security Policies |
Related Content
| Added | 27 Jun 2010 |
| Updated | 27 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | ESOP |
| Authors | Andrew C. Myers |
Comments (0)
Researcher Info
|
