CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Paralocks - Role-Based Information Flow Control and Beyond

N. Broberg ; David Sands (Institutionen för data- och informationsteknik, Datavetenskap (Chalmers))
ACM Sigplan Notices (0362-1340). Vol. 45 (2010), 1, p. 431-444.
[Artikel, refereegranskad vetenskaplig]

This paper presents Paralocks, a language for building expressive but statically verifiable fine-grained information flow policies. Paralocks combine the expressive power of Flow Locks (Broberg & Sands, ESOP'06) with the ability to express policies involving runtime principles, roles (in the style of role-based access control), and relations (such as "acts-for" in discretionary access control). We illustrate the Paralocks policy language by giving a simple encoding of Myers and Liskov's Decentralized Label Model (DLM). Furthermore - and unlike the DLM - we provide an information flow semantics for full Paralock policies. Lastly we illustrate how Paralocks can be statically verified by providing a simple programming language incorporating Paralock policy specifications, and a static type system which soundly enforces information flow security according to the Paralock semantics.

Nyckelord: Security, Languages, Verification

Denna post skapades 2010-02-15. Senast ändrad 2016-07-22.
CPL Pubid: 112244


Läs direkt!

Länk till annan sajt (kan kräva inloggning)

Institutioner (Chalmers)

Institutionen för data- och informationsteknik, Datavetenskap (Chalmers)


Information Technology

Chalmers infrastruktur