Controlling the what and where of declassification in language-based security

Mantel, Heiko; Reinhard, Alexander

Controlling the what and where of declassification in language-based security

Publikationstyp

Conference Paper

Date Issued

2007-03

Sprache

English

Author(s)

Mantel, Heiko

Reinhard, Alexander

TORE-URI

http://hdl.handle.net/11420/13919

First published in

Lecture notes in computer science

Number in series

4421 LNCS

Start Page

141

End Page

156

Citation

Lecture Notes in Computer Science 4421 LNCS: 141-156 (2007)

Contribution to Conference

16th European Symposium on Programming, ESOP 2007

Publisher DOI

10.1007/978-3-540-71316-6_11

Scopus ID

2-s2.0-37149055443

Publisher

Springer

While a rigorous information flow analysis is a key step in obtaining meaningful end-to-end confidentiality guarantees, one must also permit possibilities for declassification. Sabelfeld and Sands categorized the existing approaches to controlling declassification in their overview along four dimensions and according to four prudent principles [16]. In this article, we propose three novel security conditions for controlling the dimensions where and what, and we explain why these conditions constitute improvements over prior approaches. Moreover, we present a type-based security analysis and, as another novelty, prove a soundness result that considers more than one dimension of declassification.

DDC Class

004: Informatik

Options

Controlling the what and where of declassification in language-based security