TY - GEN
T1 - Expressive declassification policies and modular static enforcement
AU - Banerjee, Anindya
AU - Naumann, David A.
AU - Rosenberg, Stan
PY - 2008
Y1 - 2008
N2 - This paper provides a way to specify expressive declassification policies, in particular, when, what, and where policies that include conditions under which downgrading is allowed. Secondly, an end-to-end semantic property is introduced, based on a model that allows observations of intermediate low states as well as termination. An attacker's knowledge only increases at explicit declassification steps, and within limits set by policy. Thirdly, static enforcement is provided by combining type-checking with program verification techniques applied to the small subprograms that carry out declassifications. Enforcement is proved sound for a simple programming language and the extension to object-oriented programs is described.
AB - This paper provides a way to specify expressive declassification policies, in particular, when, what, and where policies that include conditions under which downgrading is allowed. Secondly, an end-to-end semantic property is introduced, based on a model that allows observations of intermediate low states as well as termination. An attacker's knowledge only increases at explicit declassification steps, and within limits set by policy. Thirdly, static enforcement is provided by combining type-checking with program verification techniques applied to the small subprograms that carry out declassifications. Enforcement is proved sound for a simple programming language and the extension to object-oriented programs is described.
UR - http://www.scopus.com/inward/record.url?scp=50249109550&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=50249109550&partnerID=8YFLogxK
U2 - 10.1109/SP.2008.20
DO - 10.1109/SP.2008.20
M3 - Conference contribution
AN - SCOPUS:50249109550
SN - 9780769531687
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 339
EP - 353
BT - Proceedings - 2008 IEEE Symposium on Security and Privacy, SP
T2 - 2008 IEEE Symposium on Security and Privacy, SP
Y2 - 18 May 2008 through 21 May 2008
ER -