Type-Based Declassification for Free

Minh Ngo, David A. Naumann, Tamara Rezk

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

This work provides a study to demonstrate the potential of using off-the-shelf programming languages and their theories to build sound language-based-security tools. Our study focuses on information flow security encompassing declassification policies that allow us to express flexible security policies needed for practical requirements. We translate security policies, with declassification, into an interface for which an unmodified standard typechecker can be applied to a source program—if the program typechecks, it provably satisfies the policy. Our proof reduces security soundness—with declassification—to the mathematical foundation of data abstraction, Reynolds’ abstraction theorem.

Original languageEnglish
Title of host publicationFormal Methods and Software Engineering - 22nd International Conference on Formal Engineering Methods, ICFEM 2020, Proceedings
EditorsShang-Wei Lin, Zhe Hou, Brendan Mahoney
Pages181-197
Number of pages17
DOIs
StatePublished - 2020
Event22nd International Conference on Formal Engineering Methods, ICFEM 2020 - Singapore, Singapore
Duration: 1 Mar 20203 Mar 2020

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12531 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference22nd International Conference on Formal Engineering Methods, ICFEM 2020
Country/TerritorySingapore
CitySingapore
Period1/03/203/03/20

Fingerprint

Dive into the research topics of 'Type-Based Declassification for Free'. Together they form a unique fingerprint.

Cite this