A Semantic Framework for Declassification and Endorsement

9 years 9 months ago
A Semantic Framework for Declassification and Endorsement
Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced declassification mechanisms for relaxing confidentiality policies, and endorsement mechanisms for relaxing integrity policies. However, a continuing challenge has been to define what security is guaranteed when such mechanisms are used. This paper presents a new semantic framework for expressing security policies for declassification and endorsement in a language-based setting. The key insight is that security can be described in terms of the power that declassification and endorsement give the attacker. The new framework specifies how attackercontrolled code affects program execution and what the attacker is able to learn from observable effects of this code. This approach yields novel security conditions for checked endorsements and robust integrity. The fram...
Aslan Askarov, Andrew Myers
Added 02 Sep 2010
Updated 02 Sep 2010
Type Conference
Year 2010
Where ESOP
Authors Aslan Askarov, Andrew Myers
Comments (0)