• DocumentCode
    2078947
  • Title

    A Cut Principle for Information Flow

  • Author

    Guttman, Joshua D. ; Rowe, Paul D.

  • fYear
    2015
  • fDate
    13-17 July 2015
  • Firstpage
    107
  • Lastpage
    121
  • Abstract
    We view a distributed system as a graph of active locations with unidirectional channels between them, through which they pass messages. In this context, the graph structure of a system constrains the propagation of information through it. Suppose a set of channels is a cut set between an information source and a potential sink. We prove that, if there is no disclosure from the source to the cut set, then there can be no disclosure to the sink. We introduce a new formalization of partial disclosure, called blur operators, and show that the same cut property is preserved for disclosure to within a blur operator. A related compositional principle ensures limited disclosure for a class of systems that differ only beyond the cut.
  • Keywords
    Bismuth; Context; Indexes; Nominations and elections; Protocols; Security; Semantics; Information flow security; graph models; partial order execution models;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Foundations Symposium (CSF), 2015 IEEE 28th
  • Conference_Location
    Verona, Italy
  • Type

    conf

  • DOI
    10.1109/CSF.2015.15
  • Filename
    7243728