DMCA
Managing policy updates in security-typed languages (2006)
Cached
Download Links
| Venue: | In CSFW’06: the 19th IEEE Computer Security Foundations Workshop |
| Citations: | 27 - 6 self |
BibTeX
@INPROCEEDINGS{Swamy06managingpolicy,
author = {Nikhil Swamy and Michael Hicks},
title = {Managing policy updates in security-typed languages},
booktitle = {In CSFW’06: the 19th IEEE Computer Security Foundations Workshop},
year = {2006}
}
Share
 |
 |
 |
 |
||
OpenURL
Abstract
This paper presents RX, a new security-typed programming language with features intended to make the management of information-flow policies more practical. Security labels in RX, in contrast to prior approaches, are defined in terms of owned roles, as found in the RT rolebased trust-management framework. Role-based security policies allow flexible delegation, and our language RX provides constructs through which programs can robustly update policies and react to policy updates dynamically. Our dynamic semantics use statically verified transactions to eliminate illegal information flows across updates, which we call transitive flows. Because policy updates can be observed through dynamic queries, policy updates can potentially reveal sensitive information. As such, RX considers policy statements themselves to be potentially confidential information and subject to information-flow metapolicies. 1
Keyphrases
policy update security-typed language trust-management framework dynamic semantics transitive flow illegal information role-based security policy security label sensitive information information-flow metapolicies update policy owned role confidential information policy statement information-flow policy flexible delegation new security-typed programming language dynamic query language rx verified transaction
