Publication: Security Policies for Downgrading
No Thumbnail Available
Open/View Files
Date
2004-10
Authors
Published Version
Journal Title
Journal ISSN
Volume Title
Publisher
Association for Computing Machinery (ACM)
The Harvard community has made this article openly available. Please share how this access benefits you.
Citation
Chong, Stephen. 2004. Security Policies for Downgrading. Security Policies for Downgrading. Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS): 198–209.
Research Data
Abstract
A long-standing problem in information security is how to specify and enforce expressive security policies that control information flow while also permitting information release (i.e., declassifica- tion) where appropriate. This paper presents security policies for downgrading and a security type system that incorporates them, allowing secure downgrading of information through an explicit declassification operation. Examples are given showing that the downgrading policy language captures useful aspects of designer intent. These policies are connected to a semantic security condi- tion that generalizes noninterference, and the type system is shown to enforce this security condition.
Description
Other Available Sources
Keywords
Terms of Use
This article is made available under the terms and conditions applicable to Other Posted Material (LAA), as set forth at Terms of Service