| 1. |
- Birgisson, Arnar, 1981, et al.
(författare)
-
Unifying Facets of Information Integrity
- 2010
-
Ingår i: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). - Berlin, Heidelberg : Springer Berlin Heidelberg. - 1611-3349 .- 0302-9743. - 9783642177132 ; 6503, s. 48-65
-
Konferensbidrag (refereegranskat)abstract
- Information integrity is a vital security property in a variety of applications. However, there is more than one facet to integrity: interpretations of integrity in different contexts include integrity via information flow, where the key is that trusted output is independent from untrusted input, and integrity via invariance, where the key is preservation of an invariant. Furthermore, integrity via invariance is itself multi-faceted. For example, the literature features formalizations of invariance as predicate preservation (predicate invariance), which is not directly compatible with invariance of memory values (value invariance).This paper offers a unified framework for integrity policies that include all of the facets above. Despite the different nature of these facets, we show that a straightforward enforcement mechanism adapted from the literature is readily available for enforcing all of the integrity facets at once.
|
|
| 2. |
- Barthe, Gilles, et al.
(författare)
-
Secuirty of Multithreaded Programs by Compilation
- 2009
-
Ingår i: Special Issue of ACM Transactions on Information and System Security (TISSEC). - : Association for Computing Machinery (ACM). - 1094-9224 .- 1557-7406.
-
Tidskriftsartikel (refereegranskat)abstract
- Information security is a pressing challenge for mobile code technologies. In order to claim end-to-end security of mobile code, it is necessary to establish that the code neither intentionally nor accidentally propagates sensitive information to an adversary. Although mobile code is commonly multithreaded low-level code, the literature is lacking enforcement mechanisms that ensure information security for such programs.This article offers a modular solution to the security ofmultithreaded programs. The modularity is three-fold:we give modular extensions of sequential semantics, sequential security typing, and sequential security-type preserving compilation that allow us enforcing security for multithreaded programs. Thanks to the modularity, there are no more restrictions on multithreaded source programs than on sequential ones, and yet we guarantee that their compilations are provably secure for a wide class of schedulers.
|
|
| 3. |
- Barthes, Gilles, et al.
(författare)
-
Security of Multithreaded Programs by Compilation
- 2010
-
Ingår i: ACM Transactions on Information and System Security. - 1094-9224. ; 13:3
-
Tidskriftsartikel (refereegranskat)abstract
- End-to-End security of mobile code requires that the code neither intentionally nor accidentally propagates sensitive information to an adversary. Although mobile code is commonly multithreaded low-level code, there lack enforcement mechanisms that ensure information security for such programs. The modularity is three-fold: we give modular extensions of sequential semantics, sequential security typing, and sequential security-type preserving compilation that allow us enforcing security for multithreaded programs. Thanks to the modularity, there are no more restrictions on multithreaded source programs than on sequential ones, and yet we guarantee that their compilations are provably secure for a wide class of schedulers.
|
|
| 4. |
- Askarov, Aslan, 1981, et al.
(författare)
-
Localized Delimited Release: Combining the What and Where Dimensions of Information Release
- 2007
-
Ingår i: ACM SIGPLAN Workshop on Programming Languages and Analysis for Security. - New York, NY, USA : ACM. - 9781595937117 ; , s. 53-60
-
Konferensbidrag (refereegranskat)abstract
- Information release (or declassification) policies are the key challenge for language-based information security. Although much progress has been made, different approaches to information release tend to address different aspects of information release. In a recent classification, these aspects are referred to as what, who, where, and when dimensions of declassification. In order to avoid information laundering, it is important to combine defense along the different dimensions. As a step in this direction, this paper presents a combination of what and where information release policies. Moreover, we show that a minor modification of a security type system from the literature (which was designed for treating the what dimension) in fact enforces the combination of what and where policies
|
|
| 5. |
- Askarov, Aslan, 1981, et al.
(författare)
-
Gradual Release: Unifying Declassification, Encryption and Key Release Policies
- 2007
-
Ingår i: Proceedings of the IEEE Symposium on Security and Privacy. - 1081-6011. - 9780769528489 ; , s. 207-227
-
Konferensbidrag (refereegranskat)abstract
- Information security has a challenge to address: enabling information-flow controls with expressive information release (or declassification) policies. Existing approaches tend to address some aspects of information release, exposing the other aspects for possible attacks. It is striking that these approaches fall into two mostly separate categories: revelation-based (as in information purchase, aggregate computation, moves in a game, etc.) and encryption-based declassification (as in sending encrypted secrets over an untrusted network, storing passwords, etc.). This paper introduces gradual release, a policy that unifies declassification, encryption, and key release policies. We model an attacker's knowledge by the sets of possible secret inputs as functions of publicly observable outputs. The essence of gradual release is that this knowledge must remain constant between releases. Gradual release turns out to be a powerful foundation for release policies, which we demonstrate by formally connecting revelation-based and encryption-based declassification. Furthermore, we show that gradual release can be provably enforced by security types and effects.
|
|
