
Linear Declassification

  • Yûta Kaneko
  • Naoki Kobayashi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4960)

Abstract

We propose a new notion of declassification policy called linear declassification. Linear declassification controls not only which functions may be applied to declassify high-security values, but also how often the declassification functions may be applied. We present a linear type system which guarantees that well-typed programs never violate linear declassification policies. To state a formal security property guaranteed by the linear declassification, we also introduce linear relaxed non-interference as an extension of Li and Zdancewic’s relaxed non-interference. An application of the linear relaxed non-interference to quantitative information flow analysis is also discussed.

Keywords

Security Policy; Security Level; Operational Semantic; Information Leakage; Security Variable
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. Agat, J.: Transforming out timing leaks. In: Proc. of POPL, pp. 40–53 (2000)
  2. Clark, D., Hunt, S., Malacaria, P.: Quantitative information flow, relations and polymorphic types. Journal of Logic and Computation 15(2), 181–199 (2005)
  3. Clark, D., Hunt, S., Malacaria, P.: A static analysis for quantifying information flow in a simple imperative language. Journal of Computer Security 15(3), 321–371 (2007)
  4. Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Communications of the ACM 20(7), 504–513 (1977)
  5. Kaneko, Y., Kobayashi, N.: Linear declassification (2007), http://www.kb.ecei.tohoku.ac.jp/~koba/papers/lindcl-full.pdf (extended version)
  6. Kobayashi, N.: Quasi-linear types. In: Proc. of POPL, pp. 29–42 (1999)
  7. Li, P., Zdancewic, S.: Downgrading policies and relaxed noninterference. In: Proc. of POPL, pp. 158–170 (2005)
  8. Malacaria, P.: Assessing security threats of looping constructs. In: Proc. of POPL, pp. 225–235 (2007)
  9. Mogensen, T.: Types for 0, 1 or Many Uses. In: Clack, C., Hammond, K., Davie, T. (eds.) IFL 1997. LNCS, vol. 1467, pp. 112–122. Springer, Heidelberg (1998)
  10. Pottier, F., Simonet, V.: Information flow inference for ML. In: Proc. of POPL, pp. 319–330 (2002)
  11. Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE J. Selected Areas in Communications 21(1), 5–19 (2003)
  12. Sabelfeld, A., Myers, A.C.: A Model for Delimited Information Release. In: Futatsugi, K., Mizoguchi, F., Yonezaki, N. (eds.) ISSS 2003. LNCS, vol. 3233, pp. 174–191. Springer, Heidelberg (2004)
  13. Sabelfeld, A., Sands, D.: Declassification: Dimensions and principles. Journal of Computer Security (to appear). A preliminary version appeared in Proceedings of 18th IEEE Computer Security Foundations Workshop (CSFW-18), pp. 255–269 (2005)
  14. Sands, D., Gustavsson, J., Moran, A.: Lambda Calculi and Linear Speedups. In: Mogensen, T.Æ., Schmidt, D.A., Sudborough, I.H. (eds.) The Essence of Computation. LNCS, vol. 2566, pp. 60–82. Springer, Heidelberg (2002)
  15. Shannon, C.E.: A mathematical theory of communication. The Bell System Technical Journal 27, 379–423 (1948)
  16. Smith, G., Volpano, D.: Secure information flow in a multi-threaded imperative language. In: Proc. of POPL, pp. 355–364 (1998)
  17. Turner, D.N., Wadler, P., Mossin, C.: Once upon a type. In: Proceedings of Functional Programming Languages and Computer Architecture, pp. 1–11. San Diego, California (1995)

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Yûta Kaneko (1)
  • Naoki Kobayashi (1)

  1. Graduate School of Information Sciences, Tohoku University
