• DocumentCode
    3382708
  • Title
    Language-based information erasure
  • Author
    Chong, Stephen ; Myers, Andrew C.
  • Author_Institution
    Dept. of Comput. Sci., Cornell Univ., Ithaca, NY, USA
  • fYear
    2005
  • fDate
    20-22 June 2005
  • Firstpage
    241
  • Lastpage
    254
  • Abstract
    Real computing systems sometimes need to forget sensitive information. This paper explores the specification and semantics of information erasure policies, which impose a strong, end-to-end requirement that information be either erased or made less accessible. Simple lattice-based information flow policies, corresponding to a noninterference requirement, are augmented with the ability to express explicit erasure and declassification policies. Examples are given of applying this expressive policy language to real systems. The paper gives tools for reasoning about policy enforcement either statically or dynamically. Further, the significance of these policies to security is formally explained in terms of trace-based semantic security properties: generalizations of noninterference that accommodate erasure and declassification.
  • Keywords
    formal specification; security of data; information erasure policy semantics; information erasure policy specification; language-based information erasure; lattice-based information flow policies; real computing systems; trace-based semantic security; Computer science; Control systems; Cryptography; Data security; Electronic voting; Government; Information security; Mobile computing; National security; Nominations and elections
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Computer Security Foundations, 2005. CSFW-18 2005. 18th IEEE Workshop
  • ISSN
    1063-6900
  • Print_ISBN
    0-7695-2340-4
  • Type
    conf
  • DOI
    10.1109/CSFW.2005.19
  • Filename
    1443210