End-to-End Enforcement of Erasure and Declassification
Citation
Chong, Stephen and Andrew C. Myers. 2008. End-to-end enforcement of erasure and declassification. In Proceedings of the 21st IEEE Computer Security Foundations Symposium: June 23-25 2008, Piitsburgh, Pennsylvania. 98-111. Los Alamitos, CA: IEEE Computer Society.Abstract
Declassification occurs when the confidentiality of information is weakened; erasure occurs when the confidentiality of information is strengthened, perhaps to the point of completely removing the information from the system.This paper shows how to enforce erasure and declassification policies. A combination of a type system that controls information flow and a simple runtime mechanism to overwrite data ensures end-to-end enforcement of policies. We prove that well-typed programs satisfy the semantic security condition noninterference according to policy.
We extend the Jif programming language with erasure and declassification enforcement mechanisms and use the resulting language in a large case study of a voting system.
Terms of Use
This article is made available under the terms and conditions applicable to Open Access Policy Articles, as set forth at http://nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of-use#OAPCitable link to this page
http://nrs.harvard.edu/urn-3:HUL.InstRepos:4481503
Collections
- FAS Scholarly Articles [18256]
Contact administrator regarding this item (to report mistakes or request changes)