Paper Info
Title
Abstractions for usable information flow control in Aeolus
Abstract
Despite the increasing importance of protecting confidential data, building secure software remains as challenging as ever. This paper describes Aeolus, a new platform for building secure distributed applications. Aeolus uses information flow control to provide confidentiality and data integrity. It differs from previous information flow control systems in a way that we believe makes it easier to understand and use. Aeolus uses a new, simpler security model, the first to combine a standard principal-based scheme for authority management with thread-granularity information flow tracking. The principal hierarchy matches the way developers already reason about authority and access control, and the coarse-grained information flow tracking eases the task of defining a program's security restrictions. In addition, Aeolus provides a number of new mechanisms (authority closures, compound tags, boxes, and shared volatile state) that support common design patterns in secure application design.
Year
Venue
Keywords
2012
USENIX Annual Technical Conference
new platform,previous information flow control,secure application design,authority closure,new mechanism,access control,coarse-grained information flow tracking,usable information flow control,information flow control,thread-granularity information flow tracking,authority management
Field
DocType
Citations 
USable,Information flow (information theory),Confidentiality,Computer security,Computer science,Software design pattern,Software,Data integrity,Access control,Computer security model
Conference
33
PageRank 
References 
Authors
0.98
18
9
Name
Order
Citations
PageRank
Winnie Cheng1341.39
Dan R. K. Ports244522.52
David Schultz3330.98
Victoria Popic4824.28
Aaron Blankstein51085.52
James Cowling62509.36
Dorothy Curtis7330.98
Liuba Shrira81141178.23
Barbara Liskov960251219.69