A Model for Delimited Information Release

A Model for Delimited Information Release (2004)

Cached

Download Links

Other Repositories/Bibliography

DBLP

by Andrei Sabelfeld , Andrew C. Myers

Venue:	In Proc. International Symp. on Software Security (ISSS’03), volume 3233 of LNCS
Citations:	51 - 12 self

BibTeX

@INPROCEEDINGS{Sabelfeld04amodel,
    author = {Andrei Sabelfeld and Andrew C. Myers},
    title = {A Model for Delimited Information Release},
    booktitle = {In Proc. International Symp. on Software Security (ISSS’03), volume 3233 of LNCS},
    year = {2004},
    pages = {174--191},
    publisher = {Springer-Verlag}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Much work on security-typed languages lacks a satisfactory account of intentional information release. In the context of confidentiality, a typical security guarantee provided by security type systems is noninterference, which allows no information flow from secret inputs to public outputs. However, many intuitively secure programs do allow some release, or declassification, of secret information (e.g., password checking, information purchase, and spreadsheet computation). Noninterference fails to recognize such programs as secure. In this respect, many security type systems enforcing noninterference are impractical.

Citations

4403	A mathematical theory of communication - Shannon - 1948
1541	The Java Language Specification - Gosling, Joy, et al. - 1996
741	End-to-end arguments in system design - Saltzer, Reed, et al. - 1984
699	A.D.: A calculus for cryptographic protocols: The Spi calculus - Abadi, Gordon - 1997
619	Security policies and security models - Goguen, Meseguer
462	Cryptographyand Data Security - Denning - 1982
458	Language-based information-flow security - Sabelfeld, Myers
379	Jflow: practical mostly-static information flow control - Myers - 1999
348	Certification of programs for secure information flow - Denning, Denning - 1977
345	A sound type system for secure flow analysis - Volpano, Irvine, et al. - 1996
221	Secrecy by typing in security protocols - Abadi - 1999
214	The slam calculus: Programming with secrecy and integrity - Heintze, Riecke - 1998
202	The Formal Semantics of Programming Languages: An Introduction - Winskel - 1993
201	A core calculus of dependency - Abadi, Banerjee, et al. - 1999
192	Information flow inference for ml - Pottier, Simonet
181	Secure information flow in a multi-threaded imperative language - Smith, Volpano - 1998
168	A decentralized model for information flow control - Myers, Liskov - 1997
136	Unwinding and inference control - Goguen, Meseguer - 1984
127	Transforming out timing leaks - Agat - 2000
122	Robust declassification - Zdancewic, Myers - 2001
104	Probabilistic noninterference for multithreaded programs - Sabelfeld, Sands - 2000
100	Noninterference, transitivity, and channel-control security policies - Rushby - 1992
95	Jif: Java information flow. Software release. Located at http://www.cs.cornell.edu/jif - Myers, Zheng, et al. - 2001
89	Secure information flow and pointer confinement in a java-like language - Banerjee, Naumann - 2002
89	Approximate non-interference - Pierro, Hankin, et al. - 2002
82	Probabilistic noninterference in a concurrent language - Volpano, Smith - 1998
81	A PER model of secure information flow in sequential programs - Sabelfeld, Sands
71	A semantic approach to secure information flow - Joshi, Leino
71	Quantifying information flow - Lowe - 2002
67	Information flow inference for free - Pottier, Conchon - 2000
66	Complete, safe information flow with decentralized labels - Myers, Liskov - 1998
65	Semantics and program analysis of computationally secure information flow - Laud - 2001
60	Abstract non-interference: Parameterizing non-interference by abstract interpretation - Giacobazzi, Mastroeni - 2004
56	Information transmission in sequential programs - Cohen - 1978
54	What is intransitive noninterference - Roscoe, Goldsmith - 1999
48	Verifying secrets and relative secrecy - Volpano, Smith - 2000
47	The specification and modeling of computer security - MCLEAN - 1990
42	Quantitative analysis of the leakage of confidential data - Clark, Hunt, et al.
35	Absorbing covers and intransitive non-interference - Pinsky - 1995
33	Logical relations for encryption - Sumii, Pierce
30	Secure information flow and CPS - Zdancewic, Myers - 2001
27	Secure introduction of one-way functions - Volpano - 2000
26	A type system for robust declassification - Zdancewic - 2003
24	Confidentiality for mobile code: The case of a simple payment protocol - Dam, Giambiagi - 2000
21	Handling encryption in an analysis for secure information flow - Laud - 2003
19	Modelling downgrading in information flow security, in - Bossi, Piazza, et al. - 2004
19	On the secure implementation of security protocols - GIAMBIAGI, DAM - 2004
16	Controlled downgrading based on intransitive (non)interference - Mantel, Sands - 2004
13	Cryptographic types - Duggan - 2002
6	Information flow control and applications—Bridging a gap - Mantel - 2001