Stateful Declassification Policies for Event-Driven Programs - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2014

Stateful Declassification Policies for Event-Driven Programs

Résumé

—We propose a novel mechanism for enforcing information flow policies with support for declassification on event-driven programs. Declassification policies consist of two functions. First, a projection function specifies for each confidential event what information in the event can be declassified directly. This generalizes the traditional security labelling of inputs. Second, a stateful release function specifies the aggregate information about all confidential events seen so far that can be declassified. We provide evidence that such declassification policies are useful in the context of JavaScript web applications. An enforcement mechanism for our policies is presented and its soundness and precision is proven. Finally, we give evidence of practicality by implementing and evaluating the mechanism in a browser.
Fichier principal
Vignette du fichier
sme_declassification.pdf (249.94 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01098443 , version 1 (24-12-2014)

Identifiants

Citer

Mathy Vanhoef, Willem de Groef, Dominique Devriese, Frank Piessens, Tamara Rezk. Stateful Declassification Policies for Event-Driven Programs. Computer Security Foundations (CSF'14), Jul 2014, Viena, Austria. pp.293 - 307, ⟨10.1109/CSF.2014.28⟩. ⟨hal-01098443⟩

Collections

INRIA INRIA2
104 Consultations
202 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More