Declassification with Explicit Reference Points

13 years 10 months ago
Declassification with Explicit Reference Points
Noninterference requires that public outputs of a program must be completely independent from secrets. While this ensures that secrets cannot be leaked, it is too restrictive for many applications. For instance, the output of a knowledge-based authentication mechanism needs to reveal whether an input matches the secret password. The research problem is to allow such exceptions without giving up too much. Though a number of solutions has been developed, the problem is not yet satisfactorily solved. In this article, we propose a framework to control what information is declassified. Our contributions include a policy language, a semantic characterization of information flow security, and a sound security type system. The main technical novelty is the explicit treatment of so called reference points, which allows us to offer substantially more flexible control of what is released than in existing approaches.
Alexander Lux, Heiko Mantel
Added 16 Aug 2010
Updated 16 Aug 2010
Type Conference
Year 2009
Authors Alexander Lux, Heiko Mantel
Comments (0)