Abstract | ||
---|---|---|
Despite the increasing importance of protecting confidential data, building secure software remains as challenging as ever. This paper describes Aeolus, a new platform for building secure distributed applications. Aeolus uses information flow control to provide confidentiality and data integrity. It differs from previous information flow control systems in a way that we believe makes it easier to understand and use. Aeolus uses a new, simpler security model, the first to combine a standard principal-based scheme for authority management with thread-granularity information flow tracking. The principal hierarchy matches the way developers already reason about authority and access control, and the coarse-grained information flow tracking eases the task of defining a program's security restrictions. In addition, Aeolus provides a number of new mechanisms (authority closures, compound tags, boxes, and shared volatile state) that support common design patterns in secure application design. |
Year | Venue | Keywords |
---|---|---|
2012 | USENIX Annual Technical Conference | new platform,previous information flow control,secure application design,authority closure,new mechanism,access control,coarse-grained information flow tracking,usable information flow control,information flow control,thread-granularity information flow tracking,authority management |
Field | DocType | Citations |
USable,Information flow (information theory),Confidentiality,Computer security,Computer science,Software design pattern,Software,Data integrity,Access control,Computer security model | Conference | 33 |
PageRank | References | Authors |
0.98 | 18 | 9 |
Name | Order | Citations | PageRank |
---|---|---|---|
Winnie Cheng | 1 | 34 | 1.39 |
Dan R. K. Ports | 2 | 445 | 22.52 |
David Schultz | 3 | 33 | 0.98 |
Victoria Popic | 4 | 82 | 4.28 |
Aaron Blankstein | 5 | 108 | 5.52 |
James Cowling | 6 | 250 | 9.36 |
Dorothy Curtis | 7 | 33 | 0.98 |
Liuba Shrira | 8 | 1141 | 178.23 |
Barbara Liskov | 9 | 6025 | 1219.69 |