English
Related papers

Related papers: Dynamic Intransitive Noninterference Revisited

200 papers

This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an…

Programming Languages · Computer Science 2017-06-22 Peixuan Li , Danfeng Zhang

Noninterference offers a rigorous end-to-end guarantee for secure propagation of information. However, real-world systems almost always involve security requirements that change during program execution, making noninterference inapplicable.…

Cryptography and Security · Computer Science 2021-09-17 Peixuan Li , Danfeng Zhang

Noninterference provides a control over information flow in a system for ensuring confidentiality and integrity properties. In the literature this notion has been well studied as transitive noninterference and intransitive noninterference.…

Cryptography and Security · Computer Science 2010-03-23 Chenyi Zhang

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

Programming Languages · Computer Science 2019-01-09 Ana Almeida Matos , Jan Cederquist

Security policies are naturally dynamic. Reflecting this, there has been a growing interest in studying information-flow properties which change during program execution, including concepts such as declassification, revocation, and…

Cryptography and Security · Computer Science 2015-01-13 Bart van Delft , Sebastian Hunt , David Sands

A security policy specifies a security property as the maximal information flow. A distributed system composed of interacting processes implicitly defines an intransitive security policy by repudiating direct information flow between…

Cryptography and Security · Computer Science 2013-10-15 Jean Quilbeuf , Georgeta Igna , Denis Bytschkow , Harald Ruess

We propose a new sheaf semantics for secure information flow over a space of abstract behaviors, based on synthetic domain theory: security classes are open/closed partitions, types are sheaves, and redaction of sensitive information…

Programming Languages · Computer Science 2022-04-21 Jonathan Sterling , Robert Harper

The paper considers several definitions of information flow security for intransitive policies from the point of view of the complexity of verifying whether a finite-state system is secure. The results are as follows. Checking (i)…

Cryptography and Security · Computer Science 2013-08-07 Sebastian Eggert , Ron van der Meyden , Henning Schnoor , Thomas Wilke

Information flow type systems enforce the security property of noninterference by detecting unauthorized data flows at compile-time. However, they require precise type annotations, making them difficult to use in practice as much of the…

Programming Languages · Computer Science 2021-02-10 Abhishek Bichhawat , McKenna McCall , Limin Jia

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself,…

Cryptography and Security · Computer Science 2016-08-09 Wojciech Jamroga , Masoud Tabatabaei

Temporal epistemic logic is a well-established framework for expressing agents knowledge and how it evolves over time. Within language-based security these are central issues, for instance in the context of declassification. We propose to…

Cryptography and Security · Computer Science 2012-09-03 Musard Balliu , Mads Dam , Gurvan Le Guernic

Noninterference is a popular semantic security condition because it offers strong end-to-end guarantees, it is inherently compositional, and it can be enforced using a simple security type system. Unfortunately, it is too restrictive for…

Cryptography and Security · Computer Science 2021-01-14 Ethan Cecchetti , Andrew C. Myers , Owen Arden

SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and…

Information flow policies are often dynamic; the security concerns of a program will typically change during execution to reflect security-relevant events. A key challenge is how to best specify, and give proper meaning to, such dynamic…

Cryptography and Security · Computer Science 2015-09-24 Niklas Broberg , Bart van Delft , David Sands

We demonstrate, by a number of examples, that information-flow security properties can be proved from abstract architectural descriptions, that describe only the causal structure of a system and local properties of trusted components. We…

Cryptography and Security · Computer Science 2016-01-05 Stephen Chong , Ron van der Meyden

The paper considers the complexity of verifying that a finite state system satisfies a number of definitions of information flow security. The systems model considered is one in which agents operate synchronously with awareness of the…

Cryptography and Security · Computer Science 2014-02-05 Franck Cassez , Ron van der Meyden , Chenyi Zhang

In this thesis we consider the problem of information hiding in the scenarios of interactive systems, statistical disclosure control, and refinement of specifications. We apply quantitative approaches to information flow in the first two…

Cryptography and Security · Computer Science 2012-02-14 Mário S. Alvim

Reinforcement learning policies are typically represented by black-box neural networks, which are non-interpretable and not well-suited for safety-critical domains. To address both of these issues, we propose constrained normalizing flow…

Machine Learning · Computer Science 2024-05-03 Finn Rietz , Erik Schaffernicht , Stefan Heinrich , Johannes A. Stork

We develop a modeling technique based on interpreted systems in order to verify temporal-epistemic properties over access control policies. This approach enables us to detect information flow vulnerabilities in dynamic policies by verifying…

Logic in Computer Science · Computer Science 2014-01-21 Masoud Koleini , Eike Ritter , Mark Ryan

This paper considers the problem of designing a continuous-time dynamical system that solves a constrained nonlinear optimization problem and makes the feasible set forward invariant and asymptotically stable. The invariance of the feasible…

Optimization and Control · Mathematics 2024-08-27 Ahmed Allibhoy , Jorge Cortés
‹ Prev 1 2 3 10 Next ›