Inference of Expressive Declassification Policies
| Title: | Inference of Expressive Declassification Policies |
| Author: |
Chong, Stephen N; Vaughan, Jeffrey A.
Note: Order does not necessarily reflect citation order of authors. |
| Citation: | Vaughan, Jeffrey A. and Stephen Chong. 2011. Inference of expressive declassification policies. In Proceedings of the 2011 IEEE Symposium on Security and Privacy (SP): May 22-25, 2011, Berkeley, CA. |
| Full Text & Related Files: |
oakland11_inference.pdf (345.9Kb; PDF) 
|
| Abstract: | We explore the inference of expressive human-readable declassification policies as a step towards providing practical tools and techniques for strong language-based information security. Security-type systems can enforce expressive information-security policies, but can require enormous programmer effort before any security benefit is realized. To reduce the burden on the programmer, we focus on inference of expressive yet intuitive information-security policies from programs with few programmer annotations. We define a novel security policy language that can express what information a program may release, under what conditions (or, when) such release may occur, and which procedures are involved with the release (or, where in the code the release occur). We describe a dataflow analysis for precisely inferring these policies, and build a tool that instantiates this analysis for the Java programming language. We validate the policies, analysis, and our implementation by applying the tool to a collection of simple Java programs. |
| Published Version: | doi:10.1109/SP.2011.20 |
| Other Sources: | http://people.seas.harvard.edu/~chong/pubs/oakland11_inference.pdf |
| Terms of Use: | This article is made available under the terms and conditions applicable to Open Access Policy Articles, as set forth at http://nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of-use#OAP |
| Citable link to this page: | http://nrs.harvard.edu/urn-3:HUL.InstRepos:8207505 |
This item appears in the following Collection(s)
-
FAS Scholarly Articles [5133]
Peer reviewed scholarly articles from the Faculty of Arts and Sciences of Harvard University
Contact administrator regarding this item (to report mistakes or request changes)
