Using access control for secure information flow in a Java-like language

A. Banerjee, D. A. Naumann

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

29 Scopus citations

Abstract

Access control mechanisms are widely used with the intent of enforcing confidentiality and other policies, but few formal connections have been made between information flow and access control. Java and C# are object-oriented languages that provide fine-grained access control. An access control list specifies local policy by authorizing permissions for principals (code sources) associated with class declarations; a mechanism called stack inspection checks permissions at run time. An example is given to show how this mechanism can be used to achieve confidentiality goals in situations where a single system call serves callers of differing confidentiality levels and dynamic access control prevents release of high information to low callers. A static analysis is given which applies to such examples. The analysis is shown to ensure a noninterference property formalizing confidentiality.

Original languageEnglish
Title of host publicationProceedings - 16th IEEE Computer Security Foundations Workshop, CSFW 2003
Pages155-169
Number of pages15
ISBN (Electronic)076951927X
DOIs
StatePublished - 2003
Event16th IEEE Computer Security Foundations Workshop, CSFW 2003 - Pacific Grove, United States
Duration: 30 Jun 20032 Jul 2003

Publication series

NameProceedings of the Computer Security Foundations Workshop
Volume2003-January
ISSN (Print)1063-6900

Conference

Conference16th IEEE Computer Security Foundations Workshop, CSFW 2003
Country/TerritoryUnited States
CityPacific Grove
Period30/06/032/07/03

Keywords

  • Access control
  • Authorization
  • Computer science
  • Computer security
  • Engineering profession
  • Information analysis
  • Information security
  • Inspection
  • Java
  • Permission

Fingerprint

Dive into the research topics of 'Using access control for secure information flow in a Java-like language'. Together they form a unique fingerprint.

Cite this