NDLI: Dynamic security labels and static information flow control

Please wait, while we are loading the content...

Dynamic security labels and static information flow control

Content Provider	CiteSeerX
Author	Zheng, Lantian Myers, Rew C.
Abstract	This paper presents a language in which information flow is securely controlled by a type system, yet the se-curity class of data can vary dynamically. Information flow policies provide the means to express strong secu-rity requirements for data confidentiality and integrity. Recent work on security-typed programming languages has shown that information flow can be analyzed stat-ically, ensuring that programs will respect the restric-tions placed on data. However, real computing systems have security policies that cannot be determined at the time of program analysis. For example, a file has as-sociated access permissions that cannot be known with certainty until it is opened. Although one security-typed programming language has included support for dy-namic security labels, there has been no demonstration that a general mechanism for dynamic labels can se-curely control information flow. In this paper, we present an expressive language-based mechanism for reasoning about dynamic security labels. The mechanism is for-mally presented in a core language based on the typed lambda calculus; any well-typed program in this lan-guage is secure because it satisfies noninterference. 1.
File Format	PDF
Journal	In: International Journal of Information Security
Language	English
Access Restriction	Open
Subject Keyword	Dynamic Security Label Static Information Flow Control Information Flow Security-typed Programming Language Information Flow Policy Program Analysis Strong Secu-rity Requirement Expressive Language-based Mechanism As-sociated Access Permission Typed Lambda Calculus Core Language General Mechanism Type System Dy-namic Security Label Security Policy Data Confidentiality Se-curity Class Dynamic Label Well-typed Program Recent Work
Content Type	Text
Resource Type	Article

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in