Title
Trusted declassification: high-level policy for a security-typed language
Abstract
Security-typed languages promise to be a powerful tool with which provably secure software applications may be developed. Programs written in these languages enforce a strong, global policy of noninterference which ensures that high-security data will not be observable on low-security channels. Because noninterference is typically too strong a property, most programs use some form of declassification to selectively leak high security information, e.g. when performing a password check or data encryption. Unfortunately, such a declassification is often expressed as an operation within a given program, rather than as part of a global policy, making reasoning about the security implications of a policy more difficult. In this paper, we propose a simple idea we call trusted declassification in which special declassifier functions are specified as part of the global policy. In particular, individual principals declaratively specify which declassifiers they trust so that all information flows implied by the policy can be reasoned about in absence of a particular program. We formalize our approach for a Java-like language and prove a modified form of noninterference which we call noninterference modulo trusted methods. We have implemented our approach as an extension to Jif and provide some of our experience using it to build a secure e-mail client.
Year
2006
DOI
10.1145/1134744.1134757
Venue
PLAS
Keywords
high-level policy, secure e-mail client, modified form, data encryption, noninterference modulo, trusted declassification, security implication, global policy, security-typed language, particular program, high-security data, secure software application, leak high security information, provable security, languages, design, security policy
Field
Modulo, Computer security, Computer science, Declassification, Communication channel, Encryption, Software, Password, Security policy
DocType
Conference
ISBN
1-59593-374-3
Citations
20
PageRank
1.08
References
19
Authors
4
Name | Order | Citations | PageRank
Boniface Hicks | 1 | 171 | 11.48
Dave King | 2 | 83 | 4.89
P. McDaniel | 3 | 7174 | 494.57
Michael Hicks | 4 | 20 | 1.08