European Symposium on Programming

ESOP 2007: Programming Languages and Systems, pp 141–156

Controlling the What and Where of Declassification in Language-Based Security

  • Heiko Mantel¹ &
  • Alexander Reinhard¹

Part of the Lecture Notes in Computer Science book series (LNTCS, volume 4421)

Abstract

While a rigorous information flow analysis is a key step in obtaining meaningful end-to-end confidentiality guarantees, one must also permit possibilities for declassification. Sabelfeld and Sands categorized the existing approaches to controlling declassification in their overview along four dimensions and according to four prudent principles [16].

In this article, we propose three novel security conditions for controlling the dimensions where and what, and we explain why these conditions constitute improvements over prior approaches. Moreover, we present a type-based security analysis and, as another novelty, prove a soundness result that considers more than one dimension of declassification.

References

  1. Almeida Matos, A.: Typing secure information flow: declassification and mobility. PhD thesis, École Nationale Supérieure des Mines de Paris (2006)

  2. Almeida Matos, A., Boudol, G.: On declassification and the non-disclosure policy. In: Proc. IEEE Computer Security Foundations Workshop (2005)

  3. Cohen, E.: Information transmission in sequential programs. In: Foundations of Secure Computation, pp. 297–335. Academic Press, London (1978)

  4. Dam, M., Giambiagi, P.: Information flow control for cryptographic applets. Presentation at Dagstuhl Seminar on Language-Based Security (2003), http://kathrin.dagstuhl.de/03411/Materials2/

  5. Giacobazzi, R., Mastroeni, I.: Abstract non-interference: Parameterizing non-interference by abstract interpretation. In: Proc. of the 31st Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 186–197 (2004)

  6. Goguen, J.A., Meseguer, J.: Security Policies and Security Models. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, USA, pp. 11–20 (1982)

  7. Li, P., Zdancewic, S.: Downgrading policies and relaxed noninterference. In: Proc. of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages, New York, NY, USA, pp. 158–170 (2005)

  8. Lowe, G.: Quantifying information flow. In: Proc. of the 15th IEEE Computer Security Foundations Workshop, Washington, DC, USA (2002)

  9. Mantel, H., Sands, D.: Controlled Declassification based on Intransitive Noninterference. In: Chin, W.-N. (ed.) APLAS 2004. LNCS, vol. 3302, pp. 129–145. Springer, Heidelberg (2004)

  10. Di Pierro, A., Hankin, C., Wiklicky, H.: Approximate Non-Interference. Journal of Computer Security 12(1), 37–81 (2004)

  11. Sabelfeld, A.: Confidentiality for Multithreaded Programs via Bisimulation. In: Broy, M., Zamulin, A.V. (eds.) PSI 2003. LNCS, vol. 2890, pp. 260–274. Springer, Heidelberg (2004)

  12. Sabelfeld, A., Myers, A.C.: Language-based Information-Flow Security. IEEE Journal on Selected Areas in Communication 21(1), 5–19 (2003)

  13. Sabelfeld, A., Myers, A.C.: A model for delimited information release. In: Proceedings of the International Symposium on Software Security (2004)

  14. Sabelfeld, A., Sands, D.: A Per Model of Secure Information Flow in Sequential Programs. In: Swierstra, S.D. (ed.) ESOP 1999 and ETAPS 1999. LNCS, vol. 1576, pp. 50–59. Springer, Heidelberg (1999)

  15. Sabelfeld, A., Sands, D.: Probabilistic Noninterference for Multi-threaded Programs. In: Proceedings of the 13th IEEE Computer Security Foundations Workshop, Cambridge, UK, pp. 200–215 (2000)

  16. Sabelfeld, A., Sands, D.: Dimensions and Principles of Declassification. In: Proceedings of the 18th IEEE Computer Security Foundations Workshop, pp. 255–269. IEEE Computer Society Press, Los Alamitos (2005)

  17. Zdancewic, S., Myers, A.: Robust declassification. In: 14th IEEE Computer Security Foundations Workshop (CSFW ’01), Washington - Brussels - Tokyo, pp. 15–26 (2001)

Author information

Authors and Affiliations

  1. Security Engineering Group, RWTH Aachen University, Germany

    Heiko Mantel & Alexander Reinhard

Editor information

Rocco De Nicola

Copyright information

© 2007 Springer Berlin Heidelberg

About this paper

Cite this paper

Mantel, H., Reinhard, A. (2007). Controlling the What and Where of Declassification in Language-Based Security. In: De Nicola, R. (eds) Programming Languages and Systems. ESOP 2007. Lecture Notes in Computer Science, vol 4421. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71316-6_11

  • DOI: https://doi.org/10.1007/978-3-540-71316-6_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-71314-2

  • Online ISBN: 978-3-540-71316-6

  • eBook Packages: Computer Science, Computer Science (R0)
