Tracking Information Flow by Mapping Broadcast Encryption Subgroups to Security Lattices
Résumé
In this paper we consider scenarios in which a server broadcasts messages with different confidentiality levels to nodes subgroups holding the appropriate clearance. We build on IND-CPA broadcast encryption schemes to preserve the message's confidentiality over a network. Our proposal is that, to verify that information in the server flows to nodes with the appropriate clearances (e.g. verify the use of the correct encryption keys), we can map broadcast subgroups of nodes to levels in information flow security lattices. We implement this idea via a type system and provide a soundness proof with respect to a formally defined secure information flow property for server code.
Domaines
Informatique [cs]
Origine : Fichiers produits par l'(les) auteur(s)