Skip to Main content Skip to Navigation
Conference papers

Many-to-Many Information Flow Policies

Abstract : Information flow techniques typically classify information according to suitable security levels and enforce policies that are based on binary relations between individual levels, e.g., stating that information is allowed to flow from one level to another. We argue that some information flow properties of interest naturally require coordination patterns that involve sets of security levels rather than individual levels: some secret information could be safely disclosed to a set of confidential channels of incomparable security levels, with individual leaks considered instead illegal; a group of competing agencies might agree to disclose their secrets, with individual disclosures being undesired, etc. Motivated by this we propose a simple language for expressing information flow policies where the usual admitted flow relation between individual security levels is replaced by a relation between sets of security levels, thus allowing to capture coordinated flows of information. The flow of information is expressed in terms of causal dependencies and the satisfaction of a policy is defined with respect to an event structure that is assumed to capture the causal structure of system computations. We suggest applications to secret exchange protocols, program security and security architectures, and discuss the relation to classic notions of information flow control.
Complete list of metadata

Cited literature [23 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Wednesday, December 6, 2017 - 3:47:50 PM
Last modification on : Friday, August 5, 2022 - 12:38:14 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Paolo Baldan, Alessandro Beggiato, Alberto Lluch Lafuente. Many-to-Many Information Flow Policies. 19th International Conference on Coordination Languages and Models (COORDINATION), Jun 2017, Neuchâtel, Switzerland. pp.159-177, ⟨10.1007/978-3-319-59746-1_9⟩. ⟨hal-01657347⟩



Record views


Files downloads