Required information release

Proceedings - IEEE Computer Security Foundations Symposium

Volumn , Issue , 2010, Pages 215-227

  Chong, Stephen ^a  

^a HARVARD UNIVERSITY   (United States)

Author keywords

Algorithmic knowledge; Declassification; Information flow; Information release

Indexed keywords

ALGORITHMIC KNOWLEDGE; DECLASSIFICATION; FUNCTIONAL REQUIREMENT; INFORMATION FLOW CONTROL; INFORMATION FLOWS; INFORMATION RELEASE; INFORMATION SECURITY REQUIREMENTS; SEMANTIC SECURITY; TYPE SYSTEMS;

SECURITY SYSTEMS;

NETWORK SECURITY;

EID: 77957606221     PISSN: 19401434     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2010.22     Document Type: Conference Paper

References (30)

1. A. Sabelfeld and A. Myers, "Language-based information-flow security, " IEEE Journal on Selected Areas in Communications, vol. 21, no. 1, pp. 5-19, Jan. 2003.
2. J. A. Goguen and J. Meseguer, "Security policies and security models, " in Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, Apr. 1982, pp. 11-20.
3. P. Li and S. Zdancewic, "Downgrading policies and relaxed noninterference, " in Conference Record of the Thirty-Second Annual ACM Symposium on Principles of Programming Languages. ACM Press, Jan. 2005.
4. S. Chong and A. C. Myers, "Security policies for downgrading, " in Proceedings of the 11th ACM Conference on Computer and Communications Security. ACM Press, Oct. 2004.
5. D. Clark, S. Hunt, and P. Malacaria, "Quantified interference for a while language, " Electronic Notes in Theoretical Computer Science, vol. 112, pp. 149-166, Jan. 2005.
6. A. Sabelfeld and D. Sands, "Dimensions and principles of declassification, " in Proceedings of the 18th IEEE Computer Security Foundations Workshop, Jun. 2005, pp. 255-269.
7. R. van der Meyden, "What, indeed, is intransitive noninterference?" in Proceedings of the 12th European Symposium On Research In Computer Security, ser. Lecture Notes in Computer Science, vol. 4734. Springer, Sep. 2007, pp. 235-250.
8. N. Swamy and M. Hicks, "Verified enforcement of automaton-based information release policies, " in Proceedings of the 2008 Workshop on Programming Languages and Analysis for Security. ACM Press, Jun. 2008.
9. A. Banerjee, D. A. Naumann, and S. Rosenberg, "Expressive declassification policies and modular static enforcement, " in Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, May 2008.
10. J. Y. Halpern, Y. Moses, and M. Y. Vardi, "Algorithmic knowledge, " in Proceedings of the 5th Conference on Theoretical Aspects of Reasoning about Knowledge, Mar. 1994, pp. 255-266.
11. A. Sabelfeld and A. C. Myers, "A model for delimited release, " in Proceedings of the 2003 International Symposium on Software Security, ser. Lecture Notes in Computer Science, no. 3233. Springer-Verlag, 2004, pp. 174-191.
12. J. Hintikka, Knowledge and Belief. Cornell University Press, 1962.
13. R. Fagin, J. Y. Halpern, Y. Moses, and M. Y. Vardi, Reasoning about Knowledge. Cambridge, MA: MIT Press, 1995.
14. R. Ramanujam, "View-based explicit knowledge, " Annals of Pure and Applied Logic, vol. 96, pp. 343-368, 1999.
15. R. Pucella, "Deductive algorithmic knowledge, " Journal of Logic and Computation, vol. 16, no. 2, pp. 287- 309, 2006.
16. K. R. O'Neill, M. R. Clarkson, and S. Chong, "Information-flow security for interactive programs, " in Proceedings of the 19th IEEE Computer Security Foundations Workshop. IEEE Computer Society, Jun. 2006.
17. A. C. Myers and B. Liskov, "Complete, safe information flow with decentralized labels, " in Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, May 1998, pp. 186-197.
18. H. Chen and S. Chong, "Owned policies for information security, " in Proceedings of the 17th IEEE Computer Security Foundations Workshop. IEEE Computer Society, Jun. 2004.
19. B. Alpern and F. B. Schneider, "Defining liveness, " Information Processing Letters, vol. 21, no. 4, pp. 181- 185, Oct. 1985.
20. M. R. Clarkson and F. B. Schneider, "Hyperproperties, " in Proceedings of the 21st IEEE Computer Security Foundations Symposium, Jul. 2008.
21. D. E. Denning and P. J. Denning, "Certification of programs for secure information flow, " Communications of the ACM, vol. 20, no. 7, pp. 504-513, Jul. 1977.
22. S. Hunt and D. Sands, "On flow-sensitive security types, " in Conference Record of the Thirty-Third Annual ACM Symposium on Principles of Programming Languages. ACM Press, Jan. 2006, pp. 79-90.
23. S. Chong, "Required information release, " Harvard Computer Science, Tech. Rep. TR-04-10, Apr. 2010.
24. A. Askarov and A. Sabelfeld, "Localized delimited release: combining the what and where dimensions of information release, " in Proceedings of the 2007 Workshop on Programming Languages and Analysis for Security. ACM Press, 2007, pp. 53-60.
25. -, "Gradual release: Unifying declassification, encryption and key release policies, " in Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, 2007, pp. 207-221.
26. -, "Tight enforcement of information-release policies for dynamic languages, " in Proceedings of the 22nd IEEE Computer Security Foundations Symposium, 2009.
27. F. B. Schneider, "Enforceable security policies, " ACM Transactions on Information and System Security, vol. 3, no. 1, pp. 30-50, 2000.
28. K. R. O'Neill, "Security and anonymity in interactive systems, " Ph.D. dissertation, Cornell University, Aug. 2006.
29. L. Zheng and A. C. Myers, "End-to-end availability policies and noninterference, " in Proceedings of the Proceedings of the 18th IEEE Computer Security Foundations Workshop, Jun. 2005, pp. 272-286.
30. A. C. Myers and B. Liskov, "Protecting privacy using the decentralized label model, " ACM Transactions on Software Engineering and Methodology, vol. 9, no. 4, pp. 410-442, Oct. 2000.