RIF: Reactive information flow labels
Restrictions that a reactive information flow (RIF) label imposes on a value are determined by the sequence of operations used to derive that value. This allows declassification, endorsement, and other forms of reclassification to be supported in a uniform way. Piecewise noninterference (PWNI) is in...
Saved in:
Published in | Journal of computer security Vol. 28; no. 2; pp. 191 - 228 |
---|---|
Main Authors | , |
Format | Journal Article |
Language | English |
Published |
Amsterdam
IOS Press BV
01.01.2020
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Restrictions that a reactive information flow (RIF) label imposes on a value are determined by the sequence of operations used to derive that value. This allows declassification, endorsement, and other forms of reclassification to be supported in a uniform way. Piecewise noninterference (PWNI) is introduced as a fitting security policy, because noninterference is not suitable. A type system is given for static enforcement of PWNI in programs that associate checkable classes of RIF labels with variables. Two checkable classes of RIF labels are described: RIF automata are general-purpose and based on finite-state automata; κ-labels concern confidentiality in programs that use cryptographic operations. |
---|---|
ISSN: | 0926-227X 1875-8924 |
DOI: | 10.3233/JCS-191316 |