Programmable enforcement framework of information flow policies

M. Ngo, F. Massacci

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

We propose a programmable framework that can be easily instantiated to enforce a large variety of information flow properties. Our framework is based on the idea of secure multi-execution in which multiple instances of the controlled program are executed in parallel. The information flow property of choice can be obtained by simply implementing programs that control parallel executions. We present the architecture of the enforcement mechanism and its instantiations for non-interference (NI) (from Devriese and Piessens), non-deducibility (ND) (from Sutherland) and some properties proposed by Mantel, such as removal of inputs (RI) and deletion of inputs (DI), and demonstrate formally soundness and precision of enforcement for these properties.
Original languageEnglish
Title of host publicationICTCS 2014 - Proceedings of the 15th Italian Conference on Theoretical Computer Science
EditorsA. Formisano, S. Bistarelli
PublisherCEUR-WS
Pages197-211
Publication statusPublished - 2014
Externally publishedYes
Event15th Italian Conference on Theoretical Computer Science, ICTCS 2014 - Perugia, Italy
Duration: 17 Sept 201419 Sept 2014

Publication series

NameCEUR Workshop Proceedings
ISSN (Print)1613-0073

Conference

Conference15th Italian Conference on Theoretical Computer Science, ICTCS 2014
Country/TerritoryItaly
CityPerugia
Period17/09/1419/09/14

Fingerprint

Dive into the research topics of 'Programmable enforcement framework of information flow policies'. Together they form a unique fingerprint.

Cite this