Conference paper
Locality-based Security Policies
Information flow security provides a strong notion of end-to-end security in computing systems. However sometimes the policies for information flow security are limited in their expressive power, hence complicating the matter of specifying policies even for simple systems. These limitations often become apparent in contexts where confidential information is released under specific conditions.
We present a novel policy language for expressing permissible information flow under expressive constraints on the execution traces for programs. Based on the policy language we propose a security condition shown to be a generalized intransitive non-interference condition. Furthermore a flow-logic based static analysis is presented and shown capable of guaranteeing the security of programs analysed.
Language: | English |
---|---|
Publisher: | Springer |
Year: | 2007 |
Pages: | 185-201 |
Proceedings: | 4th International Conference on Formal Aspects in Security and Trust |
ISBN: | 3540752269 , 3540752277 , 9783540752264 and 9783540752271 |
Types: | Conference paper |
DOI: | 10.1007/978-3-540-75227-1_13 |
ORCIDs: | Nielson, Flemming |