  • DocumentCode
    2009805
  • Title
    End-to-End Enforcement of Erasure and Declassification
  • Author
    Chong, Stephen ; Myers, Andrew C.
  • fYear
    2008
  • fDate
    23-25 June 2008
  • Firstpage
    98
  • Lastpage
    111
  • Abstract
    Declassification occurs when the confidentiality of information is weakened; erasure occurs when the confidentiality of information is strengthened, perhaps to the point of completely removing the information from the system. This paper shows how to enforce erasure and declassification policies. A combination of a type system that controls information flow and a simple runtime mechanism to overwrite data ensures end-to-end enforcement of policies. We prove that well-typed programs satisfy the semantic security condition noninterference according to policy. We extend the Jif programming language with erasure and declassification enforcement mechanisms and use the resulting language in a large case study of a voting system.
  • Keywords
    Computer languages; Computer science; Computer security; Control systems; Data security; Government; Information security; Medical diagnostic imaging; Runtime; Voting; Declassification; Erasure; Expressive security policies; Information flow; Language-based security; Noninterference
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Computer Security Foundations Symposium, 2008. CSF '08. IEEE 21st
  • Conference_Location
    Pittsburgh, PA, USA
  • ISSN
    1940-1434
  • Print_ISBN
    978-0-7695-3182-3
  • Type
    conf
  • DOI
    10.1109/CSF.2008.12
  • Filename
    4556681