Run-time Principals in Information-flow Type Systems

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Stephen Tse Articles by Steve Zdancewic

2004 IEEE Symposium on Security and Privacy

Berkeley, California

May 09-May 12

ISBN: 0-7695-2136-3

	ASCII Text	x
	Stephen Tse, Steve Zdancewic, "Run-time Principals in Information-flow Type Systems," Security and Privacy, IEEE Symposium on, pp. 179, 2004 IEEE Symposium on Security and Privacy, 2004.

	BibTex	x
	@article{ 10.1109/SECPRI.2004.1301323, author = {Stephen Tse and Steve Zdancewic}, title = {Run-time Principals in Information-flow Type Systems}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2004}, issn = {1540-7993}, pages = {179}, doi = {http://doi.ieeecomputersociety.org/10.1109/SECPRI.2004.1301323}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - Run-time Principals in Information-flow Type Systems SN - 1540-7993 SP EP A1 - Stephen Tse, A1 - Steve Zdancewic, PY - 2004 KW - null VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Stephen Tse, University of Pennsylvania

Steve Zdancewic, University of Pennsylvania

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SECPRI.2004.1301323

Information-flow type systems are a promising approach for enforcing strong end-to-end confientiality and integrity policies. Such policies, however, are usually specified in term of static information-data is labeled high or low security at compile time. In practice, the confidentiality of data may depend on information available only while the system is running.

This paper studies language support for run-time principals, a mechanism for specifying information-flow security policies that depend on which principals interact with the system. We establish the basic property of noninterference for programs written in such language, and use run-time principals for specifying run-time authority in downgrading mechanisms such as declassification.

In addition to allowing more expressive security policies, run-time principals enable the integration of language-based security mechanisms with other existing approaches such as Java stack inspection and public key infrastructures. We sketch an implementation of run-time principals via public keys such that principal delegation is verified by certificate chains.

Citation:

Stephen Tse, Steve Zdancewic, "Run-time Principals in Information-flow Type Systems," sp, pp.179, 2004 IEEE Symposium on Security and Privacy, 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.