CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Declassification: Dimensions and Principles

Andrei Sabelfeld (Institutionen för data- och informationsteknik, Datavetenskap (Chalmers)) ; David Sands (Institutionen för data- och informationsteknik, Datavetenskap (Chalmers))
Journal of Computer Security (0926-227X). Vol. 17 (2009), 5, p. 517-548.
[Artikel, refereegranskad vetenskaplig]

Computing systems often deliberately release (or declassify) sensitive information. A principal security concern for systems permitting information release is whether this release is safe: is it possible that the attacker compromises the information release mechanism and extracts more secret information than intended? While the security community has recognised the importance of the problem, the state-of-the-art in information release is, unfortunately, a number of approaches with somewhat unconnected semantic goals. We provide a road map of the main directions of current research, by classifying the basic goals according to what information is released, who releases information, where in the system information is released and when information can be released. With a general declassification framework as a long-term goal, we identify some prudent principles of declassification. These principles shed light on existing definitions and may also serve as useful “sanity checks" for emerging models.

Nyckelord: Declassification; Information flow



Denna post skapades 2009-12-11. Senast ändrad 2016-07-22.
CPL Pubid: 103418

 

Läs direkt!


Länk till annan sajt (kan kräva inloggning)


Institutioner (Chalmers)

Institutionen för data- och informationsteknik, Datavetenskap (Chalmers)

Ämnesområden

Datalogi
Programvaruteknik

Chalmers infrastruktur