Paper Info
Title
Assuming You Know: Epistemic Semantics of Relational Annotations for Expressive Flow Policies
Abstract
Many high-level security requirements are about the allowed flow of information in programs, but are difficult to make precise because they involve selective downgrading. Quite a few mutually incompatible and ad-hoc approaches have been proposed for specifying and enforcing downgrading policies. Prior surveys of these approaches have not provided a unifying technical framework. Notions from epistemic logic have emerged as a good approach to policy semantics but are considerably removed from well developed static and dynamic enforcement techniques. We develop a unified framework for expressing, giving meaning and enforcing information downgrading policies that builds on commonly known and widely deployed concepts and techniques, especially static and dynamic assertion checking. These concepts should make information flow accessible and enable developers without special training to specify precise policies. The unified framework allows to directly compare different policy specification styles and enforce them by leveraging existing techniques.
Year
DOI
Venue
2018
10.1109/CSF.2018.00021
2018 IEEE 31st Computer Security Foundations Symposium (CSF)
Keywords
Field
DocType
information-flow-security,-epistemic-logic,-program-annotations,-relational-verification,-monitoring
Epistemic modal logic,Information flow (information theory),Software engineering,Computer science,Assertion,Theoretical computer science,Password,Enforcement,Semantics
Conference
ISSN
ISBN
Citations 
1940-1434
978-1-5386-6681-4
2
PageRank 
References 
Authors
0.36
29
2
Name
Order
Citations
PageRank
Andrey Chudnov11807.97
David Naumann2110184.12