-
Uddannelse
Find uddannelse
Studievejledning
Kvalitet
- Forskning
-
Samarbejde
Virksomheder
Kommuner og regioner
Gymnasier
Myndigheder
-
Om AU
Organisation
Kontakt
Om AU
- Organisation
- Ledelse
- Strategi
- AU i tal
- AU's historie
- Internationalt samarbejde
- Bæredygtighed
- Campus 2.0
- Diversitet og ligestilling
- Ledige stillinger
- Presse
- Kontakt
Nontransitive policies transpiled
Publikation: Bidrag til bog/antologi/rapport/proceeding › Konferencebidrag i proceedings › Forskning › peer review
DOI
- https://doi.org/10.1109/EuroSP51992.2021.00043
Forlagets udgivne version
- Mohammad M. Ahmadpanah, Chalmers University of Technology ,
- Aslan Askarov
- Andrei Sabelfeld, Chalmers University of Technology
Nontransitive Noninterference (NTNI) and Nontransitive Types (NTT) are a new security condition and enforcement for policies which, in contrast to Denning's classical lattice model, assume no transitivity of the underlying flow relation. Nontransitive security policies are a natural fit for coarse-grained information-flow control where labels are specified at module rather than variable level of granularity. While the nontransitive and transitive policies pursue different goals and have different intuitions, this paper demonstrates that nontransitive noninterference can in fact be reduced to classical transitive noninterference. We develop a lattice encoding that establishes a precise relation between NTNI and classical noninterference. Our results make it possible to clearly position the new NTNI characterization with respect to the large body of work on noninterference. Further, we devise a lightweight program transformation that leverages standard flow-sensitive information-flow analyses to enforce nontransitive policies. We demonstrate several immediate benefits of our approach, both theoretical and practical. First, we improve the permissiveness over (while retaining the soundness of) the nonstandard NTT enforcement. Second, our results naturally generalize to a language with intermediate inputs and outputs. Finally, we demonstrate the practical benefits by utilizing state-of-the-art flow-sensitive tool JOANA to enforce nontransitive policies for Java programs.
| Originalsprog | Engelsk |
|---|---|
| Titel | 2021 IEEE European Symposium on Security and Privacy (EuroS&P) |
| Antal sider | 19 |
| Forlag | IEEE |
| Udgivelsesår | sep. 2021 |
| Sider | 543-561 |
| ISBN (Elektronisk) | 9781665414913 |
| DOI | |
| Status | Udgivet - sep. 2021 |
| Begivenhed | 6th IEEE European Symposium on Security and Privacy - Virtual, Online, Østrig Varighed: 6 sep. 2021 → 10 sep. 2021 |
Konference
| Konference | 6th IEEE European Symposium on Security and Privacy |
|---|---|
| Land | Østrig |
| By | Virtual, Online |
| Periode | 06/09/2021 → 10/09/2021 |
Se relationer på Aarhus Universitet Citationsformater
ID: 227767684