Accessibility navigation


A policy model for secure information flow

Adetoye, A. O. and Badii, A. (2009) A policy model for secure information flow. Lecture Notes in Computer Science, 5511. pp. 1-17. ISSN 0302-9743

Full text not archived in this repository.

It is advisable to refer to the publisher's version if you intend to cite from this work. See Guidance on citing.

To link to this item DOI: 10.1007/978-3-642-03459-6

Abstract/Summary

When a computer program requires legitimate access to confidential data, the question arises whether such a program may illegally reveal sensitive information. This paper proposes a policy model to specify what information flow is permitted in a computational system. The security definition, which is based on a general notion of information lattices, allows various representations of information to be used in the enforcement of secure information flow in deterministic or nondeterministic systems. A flexible semantics-based analysis technique is presented, which uses the input-output relational model induced by an attacker's observational power, to compute the information released by the computational system. An illustrative attacker model demonstrates the use of the technique to develop a termination-sensitive analysis. The technique allows the development of various information flow analyses, parametrised by the attacker's observational power, which can be used to enforce what declassification policies.

Item Type:Article
Refereed:Yes
Divisions:Faculty of Science > School of Mathematical, Physical and Computational Sciences > Department of Computer Science
ID Code:15094
Uncontrolled Keywords:NONINTERFERENCE
Additional Information:Proceedings Paper Joint Workshop on Automated Reasoning for Security Protocol Analysis/Issues in Theory of Security (ARSPA-WITS 2009) MAR 28-29, 2009 York, ENGLAND

University Staff: Request a correction | Centaur Editors: Update this record

Page navigation