局部定界发布:结合信息发布的内容和位置维度

ACM Workshop on Programming Languages and Analysis for Security Pub Date : 2007-06-14 DOI:10.1145/1255329.1255339

Aslan Askarov, A. Sabelfeld

{"title":"局部定界发布:结合信息发布的内容和位置维度","authors":"Aslan Askarov, A. Sabelfeld","doi":"10.1145/1255329.1255339","DOIUrl":null,"url":null,"abstract":"Information release (or declassification) policies are the key challenge for language-based information security. Although much progress has been made, different approaches to information release tend to address different aspects of information release. In a recent classification, these aspects are referred to as what, who, where, and when dimensions of declassification. In order to avoid information laundering, it is important to combine defense along the different dimensions. As a step in this direction, this paper presents a combination of what and where information release policies. Moreover, we show that a minor modification of a security type system from the literature (which was designed for treating the what dimension) in fact enforces the combination of what and where policies","PeriodicalId":119000,"journal":{"name":"ACM Workshop on Programming Languages and Analysis for Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"58","resultStr":"{\"title\":\"Localized delimited release: combining the what and where dimensions of information release\",\"authors\":\"Aslan Askarov, A. Sabelfeld\",\"doi\":\"10.1145/1255329.1255339\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Information release (or declassification) policies are the key challenge for language-based information security. Although much progress has been made, different approaches to information release tend to address different aspects of information release. In a recent classification, these aspects are referred to as what, who, where, and when dimensions of declassification. In order to avoid information laundering, it is important to combine defense along the different dimensions. As a step in this direction, this paper presents a combination of what and where information release policies. Moreover, we show that a minor modification of a security type system from the literature (which was designed for treating the what dimension) in fact enforces the combination of what and where policies\",\"PeriodicalId\":119000,\"journal\":{\"name\":\"ACM Workshop on Programming Languages and Analysis for Security\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-06-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"58\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Workshop on Programming Languages and Analysis for Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1255329.1255339\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Workshop on Programming Languages and Analysis for Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1255329.1255339","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 58

摘要

信息发布(或解密)策略是基于语言的信息安全面临的关键挑战。虽然取得了很大进展，但不同的信息发布方法往往针对信息发布的不同方面。在最近的分类中，这些方面被称为解密的内容、人员、地点和时间维度。为了避免信息洗钱，重要的是要将不同维度的防御结合起来。作为朝这个方向迈出的一步，本文提出了信息发布策略的组合。此外，我们展示了来自文献的安全类型系统的一个小修改(它是为处理什么维度而设计的)实际上强制了什么和哪里策略的组合

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Localized delimited release: combining the what and where dimensions of information release

Information release (or declassification) policies are the key challenge for language-based information security. Although much progress has been made, different approaches to information release tend to address different aspects of information release. In a recent classification, these aspects are referred to as what, who, where, and when dimensions of declassification. In order to avoid information laundering, it is important to combine defense along the different dimensions. As a step in this direction, this paper presents a combination of what and where information release policies. Moreover, we show that a minor modification of a security type system from the literature (which was designed for treating the what dimension) in fact enforces the combination of what and where policies

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

ACM Workshop on Programming Languages and Analysis for Security

自引率

0.00%

发文量

期刊最新文献

Faceted execution of policy-agnostic programs Position paper: the science of boxing Knowledge inference for optimizing secure multi-party computation Fault-tolerant non-interference: invited talk abstract WEBLOG: a declarative language for secure web development