Stateful Declassification Policies for Event-Driven Programs

Abstract : —We propose a novel mechanism for enforcing information flow policies with support for declassification on event-driven programs. Declassification policies consist of two functions. First, a projection function specifies for each confidential event what information in the event can be declassified directly. This generalizes the traditional security labelling of inputs. Second, a stateful release function specifies the aggregate information about all confidential events seen so far that can be declassified. We provide evidence that such declassification policies are useful in the context of JavaScript web applications. An enforcement mechanism for our policies is presented and its soundness and precision is proven. Finally, we give evidence of practicality by implementing and evaluating the mechanism in a browser.
Document type :
Conference papers
Complete list of metadatas

Cited literature [40 references]  Display  Hide  Download

https://hal.inria.fr/hal-01098443
Contributor : Tamara Rezk <>
Submitted on : Wednesday, December 24, 2014 - 5:46:24 PM
Last modification on : Saturday, February 23, 2019 - 1:22:44 AM
Long-term archiving on : Wednesday, March 25, 2015 - 10:17:06 AM

File

sme_declassification.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Mathy Vanhoef, Willem de Groef, Dominique Devriese, Frank Piessens, Tamara Rezk. Stateful Declassification Policies for Event-Driven Programs. Computer Security Foundations (CSF'14), Jul 2014, Viena, Austria. pp.293 - 307, ⟨10.1109/CSF.2014.28⟩. ⟨hal-01098443⟩

Share

Metrics

Record views

165

Files downloads

179