Trusted declassification: High-level policy for a security-typed language

PLAS 2006 - Proceedings of the 2006 Programming Languages and Analysis for Security Workshop

Volumn 2006, Issue , 2006, Pages 65-74

  Hicks, Boniface ^a   King, Dave ^a   McDaniel, Patrick ^a   Hicks, Michael ^b  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

^b UNIVERSITY OF MARYLAND   (United States)

Author keywords

Declassificaiton; FJifP; Information flow control; Jif; Noninterference modulo trusted methods; Se curity policy; Security typed languages; Trusted declassification

Indexed keywords

DECLASSIFICAITON; FJIFP; INFORMATION-FLOW CONTROL; JIF; NONINTERFERENCE MODULO TRUSTED METHODS; SE-CURITY POLICY; SECURITY-TYPED LANGUAGES; TRUSTED DECLASSIFICATION;

CLASSIFICATION (OF INFORMATION); COMPUTER SOFTWARE; CRYPTOGRAPHY; ELECTRONIC MAIL; PUBLIC POLICY; SECURITY OF DATA;

COMPUTER PROGRAMMING LANGUAGES;

EID: 33745957768     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (20)

1. ASKAROV, A., AND SABELFELD, A. Secure implementation of cryptographic protocols: A case study of mutual distrust. In Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS '05) (Milan, Italy, September 2005), LNCS, Springer-Verlag.
2. BANERJEE, A., AND NAUMANN, D. A. Stack-based access control and secure information flow. Journal of Functional Programming 15, 2 (2005), 131-177. Special issue on Language-based Security.
3. BROBERG, N., AND SANDS, D. Flow locks: Towards a core calculus for dynamic flow policies. In Proceedings of ESOP'06, European Symposium on Programming (Vienna, Austria, March 2006), LNCS, Springer-Verlag.
4. CHONG, S., AND MYERS, A. C. Security policies for downgrading. In Proceedings of the 11th ACM Conference on Computer and Communications Security (Oct 2004), ACM.
5. CHONG, S., AND MYERS, A. C. Decentralized robustness. In Proceedings of the 19th IEEE Computer Security Foundations Workshop (CSFW) (Venice, July 2006). to appear.
6. HICKS, B., AHMADIZADEH, K., AND MCDANIEL, P. From Languages to Systems: Understanding Practical Application Development in Security-typed Languages. Tech. Rep. NAS-TR-0035-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, April 2006.
7. HICKS, B., KING, D., MCDANIEL, P., AND HICKS, M. Trusted declassification: High-level policy for a security-typed language. Tech. Rep. NAS-TR-0033-2006, Networking and Security Research Center, Department of Computer Science, Pennsylvania State University, March 2006.
8. HICKS, M., TSE, S., HICKS, B., AND ZDANCEWIC, S. Dynamic updating of information-flow policies. In Proceedings of the Foundations of Computer Security Workshop (FCS '05) (March 2005).
9. IGARASHI, A., PIERCE, B., AND WADLER, P. Featherweight Java: A minimal core calculus for Java and GJ. In Proceedings of the 1999 ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA'99) (N. Y., 1999), L. Meissner, Ed., vol. 34(10), pp. 132-146.
10. LI, P., AND ZDANCEWIC, S. Downgrading policies and relaxed noninterference. In Proc. 32nd ACM Symp. on Principles of Programming Languages (POPL) (2005).
11. MANTEL, H., AND SANDS, D. Controlled declassification based on intransitive noninterference. In Proceedings of the Asian Symposium on Programming Languages and Systems (Taipei, Taiwan, 2004), vol. 3302, Springer-Verlag, pp. 129-145.
12. MATOS, A. A., AND BOUDOL, G. On declassification and the non-disclosure policy. In Proceedings of the Computer Security Foundations Workshop (CSFW'05) (June 2005).
13. MYERS, A. C. Mostly-static decentralized information flow control. Technical Report MIT/LCSATR-783, Massachusetts Institute of Technology, University of Cambridge, January 1999. Ph.D. thesis.
14. MYERS, A. C., NYSTROM, N., ZHENG, L., AND ZDANCEWIC, S. Jif: Java + information flow. Software release. Located at http://www.cs.cornell.edu/jif, July 2001.
15. MYERS, A. C., SABELFELD, A., AND ZDANCEWIC, S. Enforcing robust declassification. To appear in Journal of Computer Security, 2006.
16. POTTIER, F., AND SIMONET, V. Information flow inference for ML. In Proceedings of the ACM Symposium on Principles of Programming Languages (POPL '02) (January 2002), pp. 319-330.
17. SABELFELD, A., AND MYERS, A. C. Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21, 1 (January 2003), 5-19.
18. SABELFELD, A., AND SANDS, D. Dimensions and principles of declassification. In Proceedings of the IEEE Computer Security Foundations Workshop (Aix-en-Provence, France, June 2005).
19. SWAMY, N., HICKS, M., TSE, S., AND ZDANCEWIC, S. Managing policy updates in security-typed languages, February 2006. Submitted for publication.
20. TSE, S., AND ZDANCEWIC, S. A design for a security-typed language with certificate-based declassification. In Proc. of the 10th European Symposium on Programming (2005), Lecture Notes in Computer Science.