A Verified Capability-Based Model for Information Flow Security With Dynamic Policies
Authors
Abstract
Similar resources
Micro-Policies: A Framework for Verified, Tag-Based Security Monitors
Today’s computer systems are distressingly insecure, but many of their vulnerabilities can be avoided if low-level code is constrained to obey sensible safety and security properties. Ideally, such properties might be enforced statically, but for obtaining pervasive guarantees all the way to the level of running machine code it is often more practical to detect and prevent violations dynamicall...
Special issue on verified information flow security
Toby Murray (a, b, *), Andrei Sabelfeld (c) and Lujo Bauer (d). (a) School of Computing and Information Systems, University of Melbourne, Australia; (b) Data61, CSIRO, Australia; (c) Department of Computer Science and Engineering, Chalmers University of Technology, Sweden; (d) Department of Electrical and Computer Engineering and Institute for Software ...
A Verified Shared Capability Model
This paper presents a high-level access control model of the seL4 microkernel. We extend an earlier formalisation by Elkaduwe et al with non-determinism, explicit sharing of capability storage, and a delete-operation for entities. We formally prove that this new model can enforce system-global security policies as well as authority confinement. By treating sharing explicitly in the abstract acc...
Dynamic updating of information-flow policies
Applications that manipulate sensitive information should ensure end-to-end security by satisfying two properties: sound execution and some form of noninterference. By the former, we mean the program should always perform actions in keeping with its current policy, and by the latter we mean that these actions should never cause high-security information to be visible to a low-security observer....
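The two properties named in the abstract above, sound execution (every action obeys the policy in force when it runs) and noninterference (no high-to-low flow), combine naturally with the capability checks of the seL4 model listed before it. The following toy reference monitor is an added illustration written for this page; it is not code from any of the listed papers, and all names in it (Level, Policy, Capability, Monitor, copy, audit, the objects "secret", "public", "report") are constructed for the example. A subject may move information between objects only if it holds the matching read and write capabilities and the current policy allows label(src) to flow to label(dst); the policy can be relabelled at run time, and each authorised action is logged with the policy version that permitted it.

```python
"""Toy reference monitor: capability-based information flow under a
dynamic (updatable) policy.  Constructed illustration for this page, not
code from any of the cited papers; every name here is invented."""
from dataclasses import dataclass, field
from enum import IntEnum


class Level(IntEnum):
    """Two-point lattice: LOW may flow to HIGH, never the reverse."""
    LOW = 0
    HIGH = 1


def flows_to(src: Level, dst: Level) -> bool:
    return src <= dst


@dataclass
class Policy:
    """Current labelling of objects.  Every update bumps the version so the
    monitor can record which policy authorised an action."""
    labels: dict
    version: int = 0

    def relabel(self, obj: str, level: Level) -> None:
        self.labels[obj] = level
        self.version += 1


@dataclass(frozen=True)
class Capability:
    obj: str
    rights: frozenset  # subset of {"r", "w"}


@dataclass
class Subject:
    name: str
    caps: dict = field(default_factory=dict)  # obj -> Capability


class Violation(Exception):
    pass


@dataclass
class Monitor:
    policy: Policy
    log: list = field(default_factory=list)  # (version, subject, src, dst)

    def _require(self, subj: Subject, obj: str, right: str) -> None:
        cap = subj.caps.get(obj)
        if cap is None or right not in cap.rights:
            raise Violation(f"{subj.name} lacks '{right}' on {obj}")
        if obj not in self.policy.labels:
            raise Violation(f"{obj} is not covered by the current policy")

    def copy(self, subj: Subject, src: str, dst: str) -> int:
        """Move information from src to dst on behalf of subj.  Requires a
        read capability on src, a write capability on dst, and a permitted
        flow label(src) -> label(dst) under the policy in force right now.
        Returns the policy version that authorised the action."""
        self._require(subj, src, "r")
        self._require(subj, dst, "w")
        l_src, l_dst = self.policy.labels[src], self.policy.labels[dst]
        if not flows_to(l_src, l_dst):
            raise Violation(f"flow {src}({l_src.name}) -> {dst}({l_dst.name}) denied")
        self.log.append((self.policy.version, subj.name, src, dst))
        return self.policy.version

    def audit(self) -> list:
        """Replay the log against the *current* policy and return entries the
        current policy would no longer authorise.  Sound execution guarantees
        only that each action obeyed the policy in force when it ran."""
        stale = []
        for entry in self.log:
            _, _, src, dst = entry
            if not flows_to(self.policy.labels[src], self.policy.labels[dst]):
                stale.append(entry)
        return stale


def demo() -> dict:
    """Constructed scenario: one subject, three objects, one policy update."""
    policy = Policy({"secret": Level.HIGH, "public": Level.LOW, "report": Level.HIGH})
    alice = Subject("alice", {
        "secret": Capability("secret", frozenset("r")),
        "public": Capability("public", frozenset("rw")),
        "report": Capability("report", frozenset("w")),
    })
    mon = Monitor(policy)
    out = {}
    out["high_to_high"] = mon.copy(alice, "secret", "report")   # HIGH -> HIGH, version 0
    try:
        mon.copy(alice, "secret", "public")                      # HIGH -> LOW: leak
        out["leak"] = "allowed"
    except Violation:
        out["leak"] = "denied"
    policy.relabel("report", Level.LOW)                          # dynamic policy change
    try:
        mon.copy(alice, "secret", "report")                      # now HIGH -> LOW
        out["after_relabel"] = "allowed"
    except Violation:
        out["after_relabel"] = "denied"
    out["public_to_report"] = mon.copy(alice, "public", "report")  # LOW -> LOW, version 1
    out["stale"] = mon.audit()  # the version-0 flow into "report" is no longer permitted
    return out


if __name__ == "__main__":
    print(demo())
```

The audit step is the point of the example: after "report" is relabelled LOW, the earlier HIGH-to-HIGH copy into it was sound when it ran but is now a HIGH-to-LOW flow, so a policy update that lowers a label needs an accompanying decision about data already stored there (re-check, purge, or accept the declassification), exactly the gap between sound execution and end-to-end noninterference that the abstract describes.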
Journal
Journal title: IEEE Access
Year: 2018
ISSN: 2169-3536
DOI: 10.1109/access.2018.2815766