Stateful Declassification Policies for Event-Driven Programs

Mathy Vanhoef 1 Willem De Groef 1 Dominique Devriese 1 Frank Piessens 1 Tamara Rezk 2, *
* Auteur correspondant
2 INDES - Secure Diffuse Programming
CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract : —We propose a novel mechanism for enforcing information flow policies with support for declassification on event-driven programs. Declassification policies consist of two functions. First, a projection function specifies for each confidential event what information in the event can be declassified directly. This generalizes the traditional security labelling of inputs. Second, a stateful release function specifies the aggregate information about all confidential events seen so far that can be declassified. We provide evidence that such declassification policies are useful in the context of JavaScript web applications. An enforcement mechanism for our policies is presented and its soundness and precision is proven. Finally, we give evidence of practicality by implementing and evaluating the mechanism in a browser.
Type de document :
Communication dans un congrès
Computer Security Foundations (CSF'14), Jul 2014, Viena, Austria. pp.293 - 307, 2014, 〈10.1109/CSF.2014.28〉
Liste complète des métadonnées

Littérature citée [40 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01098443
Contributeur : Tamara Rezk <>
Soumis le : mercredi 24 décembre 2014 - 17:46:24
Dernière modification le : jeudi 11 janvier 2018 - 16:39:53
Document(s) archivé(s) le : mercredi 25 mars 2015 - 10:17:06

Fichier

sme_declassification.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

Citation

Mathy Vanhoef, Willem De Groef, Dominique Devriese, Frank Piessens, Tamara Rezk. Stateful Declassification Policies for Event-Driven Programs. Computer Security Foundations (CSF'14), Jul 2014, Viena, Austria. pp.293 - 307, 2014, 〈10.1109/CSF.2014.28〉. 〈hal-01098443〉

Partager

Métriques

Consultations de la notice

63

Téléchargements de fichiers

79