RIF: Reactive information flow labels

Restrictions that a reactive information flow (RIF) label imposes on a value are determined by the sequence of operations used to derive that value. This allows declassification, endorsement, and other forms of reclassification to be supported in a uniform way. Piecewise noninterference (PWNI) is in...

Full description

Saved in:
Bibliographic Details
Published inJournal of computer security Vol. 28; no. 2; pp. 191 - 228
Main Authors Kozyri, Elisavet, Schneider, Fred B.
Format Journal Article
LanguageEnglish
Published Amsterdam IOS Press BV 01.01.2020
Subjects
Cryptography
Information flow
Labels
Online AccessGet full text

Cover

More Information
Summary:Restrictions that a reactive information flow (RIF) label imposes on a value are determined by the sequence of operations used to derive that value. This allows declassification, endorsement, and other forms of reclassification to be supported in a uniform way. Piecewise noninterference (PWNI) is introduced as a fitting security policy, because noninterference is not suitable. A type system is given for static enforcement of PWNI in programs that associate checkable classes of RIF labels with variables. Two checkable classes of RIF labels are described: RIF automata are general-purpose and based on finite-state automata; κ-labels concern confidentiality in programs that use cryptographic operations.
ISSN:0926-227X
1875-8924
DOI:10.3233/JCS-191316