DocumentCode
2009805
Title
End-to-End Enforcement of Erasure and Declassification
Author
Chong, Stephen ; Myers, Andrew C.
fYear
2008
fDate
23-25 June 2008
Firstpage
98
Lastpage
111
Abstract
Declassification occurs when the confidentiality of information is weakened; erasure occurs when the confidentiality of information is strengthened, perhaps to the point of completely removing the information from the system. This paper shows how to enforce erasure and declassification policies. A combination of a type system that controls information flow and a simple runtime mechanism to overwrite data ensures end-to-end enforcement of policies. We prove that well-typed programs satisfy the semantic security condition noninterference according to policy. We extend the Jif programming language with erasure and declassification enforcement mechanisms and use the resulting language in a large case study of a voting system.
Keywords
Computer languages; Computer science; Computer security; Control systems; Data security; Government; Information security; Medical diagnostic imaging; Runtime; Voting; Declassification; Erasure; Expressive security policies; Information flow; Language-based security; Noninterference;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Security Foundations Symposium, 2008. CSF '08. IEEE 21st
Conference_Location
Pittsburgh, PA, USA
ISSN
1940-1434
Print_ISBN
978-0-7695-3182-3
Type
conf
DOI
10.1109/CSF.2008.12
Filename
4556681