CPL - Chalmers Publication Library

Information Erasure: An Information-Flow Approach to Semantics and Enforcement

Filippo Del Tedesco (Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers))
Göteborg: Chalmers University of Technology, 2011. 84 pp.

Many modern online services require sensitive data to complete their tasks. For this reason, guaranteeing security policies in such services is a major concern. The traditional (and well-studied) aspects of security, namely confidentiality, integrity, and availability of data, capture many but not all desirable policies involving sensitive data. In this thesis we study an important but less-studied aspect of security, namely information erasure. In more detail, this work presents an information-flow approach to information erasure that tries to address both its formal semantics and an enforcement mechanism. Our results in the formalization of information erasure are twofold. On the one hand, we present a novel information-flow framework to express quantitative and conditional erasure policies. The framework is equipped with a knowledge-based notion of erasure policies that takes into account both the semantics of the system enforcing erasure and the observational power of the attacker. On the other hand, we show how to include an explicit model of the user who provides secrets to the system which is to perform erasure. By doing so we are able to provide guarantees for erasure policies as long as the user's behaviour is within certain well-defined bounds. The thesis also shows a concrete implementation of an enforcement mechanism as a library in Python. The library allows programmers to embed expressive erasure policies (involving arbitrary conditions over resources of the runtime environment for when erasure is performed, as well as time-based policies). The library supports policy annotations that do not require changes to the runtime system and adapt smoothly to existing applications.

Keywords: erasure, information flow, security, erasure policies, enforcement, Python


This record was created 2011-09-22. Last modified 2013-02-06.
CPL Pubid: 146520



Departments (Chalmers)

Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers)


Information and Communication Technology

Chalmers infrastructure

Related publications

Included papers:

A user model for information erasure.

Implementing Erasure Policies Using Taint Analysis

A Semantic Hierarchy for Erasure Policies


Date: 2011-10-18
Time: 10:00
Venue: Room EB, ED&IT Building, Rännvägen 6B, Chalmers University of Technology
Opponent: Prof. René Rydhof Hansen, Ph.D., Department of Computer Science, Aalborg University, Denmark

Part of series

Technical report L - Department of Computer Science and Engineering, Chalmers University of Technology and Göteborg University 86