Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CSFW
2010
IEEE
2010
IEEE
Information Flow in Credential Systems
—This paper proposes a systematic study of information flow in credential-based declarative authorization policies. It argues that a treatment in terms of information flow is needed to adequately describe, analyze and mitigate a class of probing attacks which allow an adversary to infer any confidential fact within a policy. Two information flow properties that have been studied in the context of state transition systems, non-interference and opacity, are reformulated in the current context of policy languages. A comparison between these properties reveals that opacity is the more useful, and more general of the two; indeed, it is shown that non-interference can be stated in terms of opacity. The paper then presents an inference system for non-opacity, or detectability, in Datalog-based policies. Finally, a pragmatic method is presented, based on a mild modification of the mechanics of delegation, for preventing a particularly dangerous kind of probing attack that abuses delegat...
Real-time TrafficCredential-based Declarative Authorization | CSFW 2010 | Information flow | Security Privacy | State Transition Systems |
Related Content
| Added | 15 Aug 2010 |
| Updated | 15 Aug 2010 |
| Type | Conference |
| Year | 2010 |
| Where | CSFW |
| Authors | Moritz Y. Becker |
Comments (0)
Researcher Info
|
