Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ESORICS
2009
Springer
2009
Springer
Declassification with Explicit Reference Points
Noninterference requires that public outputs of a program must be completely independent from secrets. While this ensures that secrets cannot be leaked, it is too restrictive for many applications. For instance, the output of a knowledge-based authentication mechanism needs to reveal whether an input matches the secret password. The research problem is to allow such exceptions without giving up too much. Though a number of solutions has been developed, the problem is not yet satisfactorily solved. In this article, we propose a framework to control what information is declassified. Our contributions include a policy language, a semantic characterization of information flow security, and a sound security type system. The main technical novelty is the explicit treatment of so called reference points, which allows us to offer substantially more flexible control of what is released than in existing approaches.
Real-time TrafficESORICS 2009 | Knowledge-based Authentication Mechanism | Public Outputs | Security Privacy | Security Type System |
Related Content
| Added | 16 Aug 2010 |
| Updated | 16 Aug 2010 |
| Type | Conference |
| Year | 2009 |
| Where | ESORICS |
| Authors | Alexander Lux, Heiko Mantel |
Comments (0)
Researcher Info
|
