English
Related papers

Related papers: Unwinding Conditional Noninterference

200 papers
On the Decidability of Non Interference over Unbounded Petri Nets

Non-interference, in transitive or intransitive form, is defined here over unbounded (Place/Transition) Petri nets. The definitions are adaptations of similar, well-accepted definitions introduced earlier in the framework of labelled…

Cryptography and Security · Computer Science 2011-03-01 Eike Best , Philippe Darondeau , Roberto Gorrieri
Dynamic Intransitive Noninterference Revisited

The paper studies dynamic information flow security policies in an automaton-based model. Two semantic interpretations of such policies are developed, both of which generalize the notion of TA-security [van der Meyden ESORICS 2007] for…

Cryptography and Security · Computer Science 2016-01-21 Sebastian Eggert , Ron van der Meyden
Towards a General-Purpose Dynamic Information Flow Policy

Noninterference offers a rigorous end-to-end guarantee for secure propagation of information. However, real-world systems almost always involve security requirements that change during program execution, making noninterference inapplicable.…

Cryptography and Security · Computer Science 2021-09-17 Peixuan Li , Danfeng Zhang
Nonmalleable Information Flow: Technical Report

Noninterference is a popular semantic security condition because it offers strong end-to-end guarantees, it is inherently compositional, and it can be enforced using a simple security type system. Unfortunately, it is too restrictive for…

Cryptography and Security · Computer Science 2021-01-14 Ethan Cecchetti , Andrew C. Myers , Owen Arden
Session Logical Relations for Noninterference

Information flow control type systems statically restrict the propagation of sensitive data to ensure end-to-end confidentiality. The property to be shown is noninterference, asserting that an attacker cannot infer any secrets from made…

Programming Languages · Computer Science 2021-04-30 Farzaneh Derakhshan , Stephanie Balzer , Limin Jia
Noninterference with Local Policies

We develop a theory for state-based noninterference in a setting where different security policies---we call them local policies---apply in different parts of a given system. Our theory comprises appropriate security definitions,…

Cryptography and Security · Computer Science 2013-06-17 Sebastian Eggert , Henning Schnoor , Thomas Wilke
Regrading Policies for Flexible Information Flow Control in Session-Typed Concurrency

Noninterference guarantees that an attacker cannot infer secrets by interacting with a program. Information flow control (IFC) type systems assert noninterference by tracking the level of information learned (pc) and disallowing…

Programming Languages · Computer Science 2024-07-31 Farzaneh Derakhshan , Stephanie Balzer , Yue Yao
A Type System to Ensure Non-Interference in ReScript

Protecting confidential data from leaking is a critical challenge in computer systems, particularly given the growing number of observers on the internet. Therefore, limiting information flow using robust security policies becomes…

Cryptography and Security · Computer Science 2024-10-25 Benjamin Bennetzen , Daniel Vang Kleist , Emilie Sonne Steinmann , Loke Walsted , Nikolaj Rossander Kristensen , Peter Buus Steffensen
Note on a simple type system for non-interference

We consider CCS with value passing and elaborate a notion of noninterference for the process calculi, which matches closely that of the programming language. The idea is to view channels as information carriers rather than as "events", so…

Logic in Computer Science · Computer Science 2011-09-23 Steffen van Bakel , Maria Grazia Vigliotti
Security policies for distributed systems

A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between…

Cryptography and Security · Computer Science 2013-10-15 Jean Quilbeuf , Georgeta Igna , Denis Bytschkow , Harald Ruess
Attacker Control and Impact for Confidentiality and Integrity

Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced…

Programming Languages · Computer Science 2015-07-01 Aslan Askarov , Andrew Myers
Quantum Information-Flow Security: Noninterference and Access Control

Quantum cryptography has been extensively studied in the last twenty years, but information-flow security of quantum computing and communication systems has been almost untouched in the previous research. Duo to the essential difference…

Cryptography and Security · Computer Science 2013-01-30 Mingsheng Ying , Yuang Feng , Nengkun Yu
Polymorphic Relaxed Noninterference

Information-flow security typing statically preserves confidentiality by enforcing noninterference. To address the practical need of selective and flexible declassification of confidential information, several approaches have developed a…

Programming Languages · Computer Science 2019-10-15 Raimil Cruz , Éric Tanter
Complexity and Unwinding for Intransitive Noninterference

The paper considers several definitions of information flow security for intransitive policies from the point of view of the complexity of verifying whether a finite-state system is secure. The results are as follows. Checking (i)…

Cryptography and Security · Computer Science 2013-08-07 Sebastian Eggert , Ron van der Meyden , Henning Schnoor , Thomas Wilke
Reconciling progress-insensitive noninterference and declassification

Practitioners of secure information flow often face a design challenge: what is the right semantic treatment of leaks via termination? On the one hand, the potential harm of untrusted code calls for strong progress-sensitive security. On…

Programming Languages · Computer Science 2020-05-12 Johan Bay , Aslan Askarov
First-order Gradual Information Flow Types with Gradual Guarantees

Information flow type systems enforce the security property of noninterference by detecting unauthorized data flows at compile-time. However, they require precise type annotations, making them difficult to use in practice as much of the…

Programming Languages · Computer Science 2021-02-10 Abhishek Bichhawat , McKenna McCall , Limin Jia
Existential Types for Relaxed Noninterference

Information-flow security type systems ensure confidentiality by enforcing noninterference: a program cannot leak private data to public channels. However, in practice, programs need to selectively declassify information about private data.…

Programming Languages · Computer Science 2019-11-13 Raimil Cruz , Éric Tanter
Sheaf semantics of termination-insensitive noninterference

We propose a new sheaf semantics for secure information flow over a space of abstract behaviors, based on synthetic domain theory: security classes are open/closed partitions, types are sheaves, and redaction of sensitive information…

Programming Languages · Computer Science 2022-04-21 Jonathan Sterling , Robert Harper
Control and Synthesis of Non-Interferent Timed Systems

In this paper, we focus on the synthesis of secure timed systems which are modelled as timed automata. The security property that the system must satisfy is a non-interference property. Intuitively, non-interference ensures the absence of…

Logic in Computer Science · Computer Science 2012-07-23 Gilles Benattar , Franck Cassez , Didier Lime , Olivier H. Roux
Information Security as Strategic (In)effectivity

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself,…

Cryptography and Security · Computer Science 2016-08-09 Wojciech Jamroga , Masoud Tabatabaei
‹ Prev 1 2 3 10 Next ›