A policy model for secure information flow

Adetoye, A. O. and Badii, A. (2009) A policy model for secure information flow. Lecture Notes in Computer Science, 5511. pp. 1-17. ISSN 0302-9743

Full text not archived in this repository.

To link to this article DOI: 10.1007/978-3-642-03459-6

Abstract/Summary

When a computer program requires legitimate access to confidential data, the question arises whether such a program may illegally reveal sensitive information. This paper proposes a policy model to specify what information flow is permitted in a computational system. The security definition, which is based on a general notion of information lattices, allows various representations of information to be used in the enforcement of secure information flow in deterministic or nondeterministic systems. A flexible semantics-based analysis technique is presented, which uses the input-output relational model induced by an attacker's observational power to compute the information released by the computational system. An illustrative attacker model demonstrates the use of the technique to develop a termination-sensitive analysis. The technique allows the development of various information flow analyses, parametrised by the attacker's observational power, which can be used to enforce what-declassification policies (policies stating what information about the secret may be released).
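The following is an added illustration of the recipe the abstract describes, on a toy scale; it is not the paper's own code or formalism, and the programs, domains and policy in it are constructed for the example. A program maps a (public, secret) input pair to a run; an attacker's observational power is a function from runs to observations; the information the attacker learns about the secret is the equivalence relation (partition) induced on secrets by indistinguishable observations, ordered in the lattice of partitions by refinement; a what-declassification policy is itself a partition, and a program is secure against that attacker exactly when it releases no finer partition than the policy allows. The termination-sensitive attacker is the one who can also tell whether a run terminated.

```python
"""Information-lattice check of a what-declassification policy (added example).

Divergence is modelled symbolically by Run.terminated=False rather than by
actually looping; all domains, programs and the policy are constructed here.
"""
from dataclasses import dataclass
from typing import Callable, Hashable, Iterable

SECRETS = range(8)        # constructed toy secret domain
PUBLICS = (0, 1)          # constructed toy public-input domain


@dataclass(frozen=True)
class Run:
    outputs: tuple          # values written to the public channel
    terminated: bool        # False models a run that diverges


# Information about the secret is an equivalence relation on SECRETS,
# stored as a frozenset of ordered pairs. Finer relation = more information.
def kernel(f: Callable[[int], Hashable], dom: Iterable[int]) -> frozenset:
    """Equivalence relation {(a, b) : f(a) == f(b)} induced by f on dom."""
    dom = list(dom)
    return frozenset((a, b) for a in dom for b in dom if f(a) == f(b))


def released(program, obs, publics=PUBLICS, secrets=SECRETS) -> frozenset:
    """Information an attacker with observational power `obs` learns.

    Two secrets are indistinguishable iff they give the same observation for
    every public input: the attacker may know or choose the public input.
    """
    return kernel(lambda h: tuple(obs(program(l, h)) for l in publics), secrets)


def join(r1: frozenset, r2: frozenset) -> frozenset:
    """Lattice join of two pieces of information: knowing both of them
    distinguishes a pair iff either distinguishes it (intersection of relations)."""
    return r1 & r2


def permits(policy: frozenset, leak: frozenset) -> bool:
    """Secure iff the released partition is no finer than the policy's, i.e.
    every pair the policy keeps indistinguishable stays indistinguishable."""
    return policy <= leak


def classes(rel: frozenset, secrets=SECRETS) -> list:
    """Readable form of a relation: its equivalence classes, in order."""
    seen, out = set(), []
    for h in secrets:
        if h not in seen:
            cls = tuple(sorted(b for (a, b) in rel if a == h))
            seen.update(cls)
            out.append(cls)
    return out


# Attacker observational powers.
def obs_outputs(run: Run):
    """Sees only what was written to the public channel."""
    return run.outputs


def obs_termination(run: Run):
    """Sees only whether the run terminated (e.g. via a timeout)."""
    return run.terminated


def obs_termination_sensitive(run: Run):
    """Sees the outputs and whether the run terminated."""
    return (run.outputs, run.terminated)


# Policy: the parity of the secret may be released, and nothing else.
PARITY_POLICY = kernel(lambda h: h % 2, SECRETS)


# Constructed programs under analysis.
def prog_parity(l: int, h: int) -> Run:
    return Run(outputs=(h % 2,), terminated=True)


def prog_parity_then_hang(l: int, h: int) -> Run:
    # Writes the parity, then loops forever iff the secret is >= 4.
    return Run(outputs=(h % 2,), terminated=h < 4)


def prog_low_dependent(l: int, h: int) -> Run:
    # Each public input alone releases one allowed-looking bit; together
    # they release more than parity, which the quantification over PUBLICS catches.
    return Run(outputs=(h % 2,) if l == 0 else (int(h >= 4),), terminated=True)


if __name__ == "__main__":
    for pname, p in (("prog_parity", prog_parity),
                     ("prog_parity_then_hang", prog_parity_then_hang),
                     ("prog_low_dependent", prog_low_dependent)):
        for aname, a in (("outputs only", obs_outputs),
                         ("termination-sensitive", obs_termination_sensitive)):
            leak = released(p, a)
            print(f"{pname:22} vs {aname:22} classes={classes(leak)} "
                  f"permitted={permits(PARITY_POLICY, leak)}")
```

Run stand-alone, the script shows the point of parametrising the analysis by the attacker: `prog_parity_then_hang` satisfies the parity policy against an attacker who sees only outputs, but a termination-sensitive attacker also learns whether the secret is at least 4, which refines the released partition below the policy and fails the check. The same code also shows the lattice structure the abstract relies on: the termination-sensitive release is exactly the join of the outputs-only release and the termination-only release.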

Item Type: Article
Refereed: Yes
Divisions: Faculty of Science > School of Systems Engineering
ID Code: 15094
Uncontrolled Keywords: noninterference
Additional Information: Proceedings paper, Joint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security (ARSPA-WITS 2009), 28-29 March 2009, York, England