Sökning: onr:"swepub:oai:research.chalmers.se:22ae1491-0d09-4d42-950f-8d92cd89fb94" >
Prudent Design Prin...
Prudent Design Principles for Information Flow Control
-
- Bastys, Iulia, 1986 (författare)
- Chalmers tekniska högskola,Chalmers University of Technology
-
- Piessens, Frank (författare)
- Katholieke Universiteit Leuven
-
- Sabelfeld, Andrei, 1974 (författare)
- Chalmers tekniska högskola,Chalmers University of Technology
-
(creator_code:org_t)
- ISBN 9781450359931
- 2018-01-15
- 2018
- Engelska.
-
Ingår i: Proceedings of the ACM Conference on Computer and Communications Security. - New York, NY, USA : ACM. - 1543-7221. - 9781450359931 ; , s. 17-23
- Relaterad länk:
-
https://research.cha...
-
visa fler...
-
https://doi.org/10.1...
-
https://research.cha...
-
visa färre...
Abstract
Ämnesord
Stäng
- Recent years have seen a proliferation of research on information flow control. While the progress has been tremendous, it has also given birth to a bewildering breed of concepts, policies, conditions, and enforcement mechanisms. Thus, when designing information flow controls for a new application domain, the designer is confronted with two basic questions: (i) What is the right security characterization for a new application domain? and (ii) What is the right enforcement mechanism for a new application domain? This paper puts forward six informal principles for designing information flow security definitions and enforcement mechanisms: attacker-driven security, trust-aware enforcement, separation of policy annotations and code, language-independence, justified abstraction, and permissiveness. We particularly highlight the core principles of attacker-driven security and trust-aware enforcement, giving us a rationale for deliberating over soundness vs. soundiness. The principles contribute to roadmapping the state of the art in information flow security, weeding out inconsistencies from the folklore, and providing a rationale for designing information flow characterizations and enforcement mechanisms for new application domains.
Ämnesord
- NATURVETENSKAP -- Data- och informationsvetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences (hsv//eng)
Nyckelord
- attacker models
- information flow control
- principles
Publikations- och innehållstyp
- kon (ämneskategori)
- ref (ämneskategori)
Hitta via bibliotek
Till lärosätets databas