Many-to-Many Information Flow Policies

Publication: Research - peer-reviewArticle in proceedings – Annual report year: 2017

Documents

DOI

View graph of relations

Information flow techniques typically classify information according to suitable security levels and enforce policies that are based on binary relations between individual levels, e.g., stating that information is allowed to flow from one level to another. We argue that some information flow properties of interest naturally require coordination patterns that involve sets of security levels rather than individual levels: some secret information could be safely disclosed to a set of confidential channels of incomparable security levels, with individual leaks considered instead illegal; a group of competing agencies might agree to disclose their secrets, with individual disclosures being undesired, etc. Motivated by this we propose a simple language for expressing information flow policies where the usual admitted flow relation between individual security levels is replaced by a relation between sets of security levels, thus allowing to capture coordinated flows of information. The flow of information is expressed in terms of causal dependencies and the satisfaction of a policy is defined with respect to an event structure that is assumed to capture the causal structure of system computations. We suggest applications to secret exchange protocols, program security and security architectures, and discuss the relation to classic notions of information flow control.
Original languageEnglish
Title of host publicationCoordination Models and Languages
Volume10319
PublisherSpringer
Publication date2017
Pages159-177
ISBN (print)9783319597454
DOIs
StatePublished - 2017
Event19th International Conference on Coordination Models and Languages - Neuchâtel, Switzerland

Conference

Conference19th International Conference on Coordination Models and Languages
LocationUniversité de Neuchâtel
CountrySwitzerland
CityNeuchâtel
Period19/06/201722/06/2017
SeriesLecture Notes in Computer Science
Volume10319
ISSN0302-9743
CitationsWeb of Science® Times Cited: No match on DOI

    Keywords

  • Computer Science, Software Engineering, Programming Techniques, Programming Languages, Compilers, Interpreters, Information Systems Applications (incl. Internet), Information flow, Coordination, Concurrency, Declassification, Non-interference, Causality, Event structures
Download as:
Download as PDF
Select render style:
APAAuthorCBE/CSEHarvardMLAStandardVancouverShortLong
PDF
Download as HTML
Select render style:
APAAuthorCBE/CSEHarvardMLAStandardVancouverShortLong
HTML
Download as Word
Select render style:
APAAuthorCBE/CSEHarvardMLAStandardVancouverShortLong
Word

Download statistics

No data available

ID: 134358602