Arrows for secure information flow
نویسندگان
چکیده
منابع مشابه
Arrows for secure information flow
This paper presents an embedded security sublanguage for enforcing informationflow policies in the standard Haskell programming language. The sublanguage provides useful information-flow control mechanisms including dynamic security lattices, run-time code privileges and declassification all without modifying the base language. This design avoids the redundant work of producing new languages, l...
متن کاملComputationally secure information flow
This thesis presents a definition and a static program analysis for secure information flow. The definition of secure information flow is not based on non-interference, but on the computational independence of the program’s public outputs from its secret inputs. Such definition allows cryptographic primitives to be gracefully handled, as their security is usually defined to be only computationa...
متن کاملA Policy Model for Secure Information Flow
When a computer program requires legitimate access to confidential data, the question arises whether such a program may illegally reveal sensitive information. This paper proposes a policy model to specify what information flow is permitted in a computational system. The security definition, which is based on a general notion of information lattices, allows various representations of informatio...
متن کاملInformation flow for secure distributed applications
Private and confidential information is increasingly stored online and increasingly being exposed due to human errors as well as malicious attacks. Information leaks threaten confidentiality, lead to lawsuits, damage enterprise reputations, and cost billion of dollars. While distributed computing architectures provide data and service integration, they also create information flow control probl...
متن کاملInformation Flow Analysis for Fail-Secure Devices
(2005) Information flow analysis for fail-secure devices. Information security devices must preserve security properties even in the presence of faults. This in turn requires a rigorous evaluation of the system behaviours resulting from component failures, especially how such failures affect information flow. We introduce a compositional method of static analysis for fail-secure behaviour. Our ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Theoretical Computer Science
سال: 2010
ISSN: 0304-3975
DOI: 10.1016/j.tcs.2010.01.025