Inference of Expressive Declassification Policies

DSpace/Manakin Repository

Inference of Expressive Declassification Policies

Citable link to this page


Title: Inference of Expressive Declassification Policies
Author: Chong, Stephen N; Vaughan, Jeffrey A.

Note: Order does not necessarily reflect citation order of authors.

Citation: Vaughan, Jeffrey A. and Stephen Chong. 2011. Inference of expressive declassification policies. In Proceedings of the 2011 IEEE Symposium on Security and Privacy (SP): May 22-25, 2011, Berkeley, CA.
Full Text & Related Files:
Abstract: We explore the inference of expressive human-readable declassification policies as a step towards providing practical tools and techniques for strong language-based information security. Security-type systems can enforce expressive information-security policies, but can require enormous programmer effort before any security benefit is realized. To reduce the burden on the programmer, we focus on inference of expressive yet intuitive information-security policies from programs with few programmer annotations. We define a novel security policy language that can express what information a program may release, under what conditions (or, when) such release may occur, and which procedures are involved with the release (or, where in the code the release occur). We describe a dataflow analysis for precisely inferring these policies, and build a tool that instantiates this analysis for the Java programming language. We validate the policies, analysis, and our implementation by applying the tool to a collection of simple Java programs.
Published Version: doi:10.1109/SP.2011.20
Other Sources:
Terms of Use: This article is made available under the terms and conditions applicable to Open Access Policy Articles, as set forth at
Citable link to this page:
Downloads of this work:

Show full Dublin Core record

This item appears in the following Collection(s)


Search DASH

Advanced Search