Lightweight information flow

Flemming Nielson*, Hanne Riis Nielson

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingBook chapterResearchpeer-review

Abstract

We develop a type system for identifying the information flow between variables in a program in the Guarded Commands language. First we characterise the types of information flow that may arise between variables in a non-deterministic program: explicit, implicit, bypassing, correlated or sanitised. Next we allow to specify security policies in a number of traditional ways based on mandatory access control: defining a security lattice, working with components or decentralised labels, both as pertains to confidentiality and integrity. Offending information flows are those identified by the type system and that violate the security policy; a program is sufficiently secure if it contains only acceptable information flows.

Original languageEnglish
Title of host publicationModels, Languages, and Tools for Concurrent and Distributed Programming
PublisherSpringer
Publication date1 Jan 2019
Pages455-470
ISBN (Print)978-3-030-21484-5
DOIs
Publication statusPublished - 1 Jan 2019
SeriesLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11665 LNCS
ISSN0302-9743

Fingerprint

Dive into the research topics of 'Lightweight information flow'. Together they form a unique fingerprint.

Cite this