Many-to-Many Information Flow Policies

Abstract : Information flow techniques typically classify information according to suitable security levels and enforce policies that are based on binary relations between individual levels, e.g., stating that information is allowed to flow from one level to another. We argue that some information flow properties of interest naturally require coordination patterns that involve sets of security levels rather than individual levels: some secret information could be safely disclosed to a set of confidential channels of incomparable security levels, with individual leaks considered instead illegal; a group of competing agencies might agree to disclose their secrets, with individual disclosures being undesired, etc. Motivated by this we propose a simple language for expressing information flow policies where the usual admitted flow relation between individual security levels is replaced by a relation between sets of security levels, thus allowing to capture coordinated flows of information. The flow of information is expressed in terms of causal dependencies and the satisfaction of a policy is defined with respect to an event structure that is assumed to capture the causal structure of system computations. We suggest applications to secret exchange protocols, program security and security architectures, and discuss the relation to classic notions of information flow control.
Type de document :
Communication dans un congrès
Jean-Marie Jacquet; Mieke Massink. 19th International Conference on Coordination Languages and Models (COORDINATION), Jun 2017, Neuchâtel, Switzerland. Springer International Publishing, Lecture Notes in Computer Science, LNCS-10319, pp.159-177, 2017, Coordination Models and Languages. 〈10.1007/978-3-319-59746-1_9〉
Liste complète des métadonnées

Littérature citée [25 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01657347
Contributeur : Hal Ifip <>
Soumis le : mercredi 6 décembre 2017 - 15:47:50
Dernière modification le : jeudi 14 juin 2018 - 10:54:03

Fichier

 Accès restreint
Fichier visible le : 2020-01-01

Connectez-vous pour demander l'accès au fichier

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Paolo Baldan, Alessandro Beggiato, Alberto Lluch Lafuente. Many-to-Many Information Flow Policies. Jean-Marie Jacquet; Mieke Massink. 19th International Conference on Coordination Languages and Models (COORDINATION), Jun 2017, Neuchâtel, Switzerland. Springer International Publishing, Lecture Notes in Computer Science, LNCS-10319, pp.159-177, 2017, Coordination Models and Languages. 〈10.1007/978-3-319-59746-1_9〉. 〈hal-01657347〉

Partager

Métriques

Consultations de la notice

75