End-to-End Enforcement of Erasure and Declassification

DSpace/Manakin Repository

End-to-End Enforcement of Erasure and Declassification

Citable link to this page


Title: End-to-End Enforcement of Erasure and Declassification
Author: Chong, Stephen N; Myers, Andrew C.

Note: Order does not necessarily reflect citation order of authors.

Citation: Chong, Stephen and Andrew C. Myers. 2008. End-to-end enforcement of erasure and declassification. In Proceedings of the 21st IEEE Computer Security Foundations Symposium: June 23-25 2008, Piitsburgh, Pennsylvania. 98-111. Los Alamitos, CA: IEEE Computer Society.
Full Text & Related Files:
Abstract: Declassification occurs when the confidentiality of information is weakened; erasure occurs when the confidentiality of information is strengthened, perhaps to the point of completely removing the information from the system.
This paper shows how to enforce erasure and declassification policies. A combination of a type system that controls information flow and a simple runtime mechanism to overwrite data ensures end-to-end enforcement of policies. We prove that well-typed programs satisfy the semantic security condition noninterference according to policy.
We extend the Jif programming language with erasure and declassification enforcement mechanisms and use the resulting language in a large case study of a voting system.
Published Version: doi:10.1109/CSF.2008.12
Other Sources: http://people.seas.harvard.edu/~chong/pubs/csf08_enforcement.pdf
Terms of Use: This article is made available under the terms and conditions applicable to Open Access Policy Articles, as set forth at http://nrs.harvard.edu/urn-3:HUL.InstRepos:dash.current.terms-of-use#OAP
Citable link to this page: http://nrs.harvard.edu/urn-3:HUL.InstRepos:4481503
Downloads of this work:

Show full Dublin Core record

This item appears in the following Collection(s)


Search DASH

Advanced Search