On the history of diagnosability and opacity in discrete event systems
This paper presents historical remarks on key projects and papers that led to the
development of a theory of event diagnosis for discrete event systems modeled by finite …
development of a theory of event diagnosis for discrete event systems modeled by finite …
Declassification: Dimensions and principles
A Sabelfeld, D Sands - Journal of Computer Security, 2009 - content.iospress.com
Computing systems often deliberately release (or declassify) sensitive information. A
principal security concern for systems permitting information release is whether this release …
principal security concern for systems permitting information release is whether this release …
Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs
C Hammer, G Snelting - International Journal of Information Security, 2009 - Springer
Abstract Information flow control (IFC) checks whether a program can leak secret data to
public ports, or whether critical computations can be influenced from outside. But many IFC …
public ports, or whether critical computations can be influenced from outside. But many IFC …
Dimensions and principles of declassification
A Sabelfeld, D Sands - 18th IEEE Computer Security …, 2005 - ieeexplore.ieee.org
Computing systems often deliberately release (or declassify) sensitive information. A
principal security concern for systems permitting information release is whether this release …
principal security concern for systems permitting information release is whether this release …
A model for delimited information release
A Sabelfeld, AC Myers - Software Security-Theories and Systems: Second …, 2004 - Springer
Much work on security-typed languages lacks a satisfactory account of intentional
information release. In the context of confidentiality, a typical security guarantee provided by …
information release. In the context of confidentiality, a typical security guarantee provided by …
A perspective on information-flow control
D Hedin, A Sabelfeld - Software safety and security, 2012 - ebooks.iospress.nl
Abstract Information-flow control tracks how information propagates through the program
during execution to make sure that the program handles the information securely. Secure …
during execution to make sure that the program handles the information securely. Secure …
Gradual release: Unifying declassification, encryption and key release policies
A Askarov, A Sabelfeld - … on Security and Privacy (SP'07), 2007 - ieeexplore.ieee.org
Information security has a challenge to address: enabling information-flow controls with
expressive information release (or declassification) policies. Existing approaches tend to …
expressive information release (or declassification) policies. Existing approaches tend to …
Downgrading policies and relaxed noninterference
P Li, S Zdancewic - Proceedings of the 32nd ACM SIGPLAN-SIGACT …, 2005 - dl.acm.org
In traditional information-flow type systems, the security policy is often formalized as
noninterference properties. However, noninterference alone is too strong to express security …
noninterference properties. However, noninterference alone is too strong to express security …
Security policies for downgrading
A long-standing problem in information security is how to specify and enforce expressive
security policies that control information flow while also permitting information release (ie …
security policies that control information flow while also permitting information release (ie …
Enforcing robust declassification
AC Myers, A Sabelfeld… - Proceedings. 17th IEEE …, 2004 - ieeexplore.ieee.org
Noninterference requires that there is no information flow from sensitive to public data in a
given system. However, many systems perform intentional release of sensitive information …
given system. However, many systems perform intentional release of sensitive information …