Beyond Labels: Permissiveness for Dynamic Information Flow Enforcement

Other Titles
Abstract
Flow-sensitive labels used by dynamic enforcement mechanisms might themselves encode sensitive information, which can leak. Metalabels, employed to represent the sensitivity of labels, exhibit the same problem. This paper derives a new family of enforcers k-Enf , for k>1 that uses label chains, where each label defines the sensitivity of its predecessor. These enforcers satisfy Block-safe Noninterference (BNI), which proscribes leaks from observing variables, label chains, and blocked executions. Theorems in this paper characterize where longer label chains can improve the permissiveness of dynamic enforcement mechanisms that satisfy BNI. These theorems depend on semantic attributes---k-precise, k-varying, and k-dependent---of such mechanisms, as well as on initialization, threat model, and lattice size.
Journal / Series
Volume & Issue
Description
Sponsorship
Date Issued
2019-02-28
Publisher
Keywords
information flow control; dynamic; flow-sensitive; permissiveness; label chains
Location
Effective Date
Expiration Date
Sector
Employer
Union
Union Local
NAICS
Number of Workers
Committee Chair
Committee Co-Chair
Committee Member
Degree Discipline
Degree Name
Degree Level
Related Version
Related DOI
Related To
Related Part
Based on Related Item
Has Other Format(s)
Part of Related Item
Related To
Related Publication(s)
Link(s) to Related Publication(s)
References
Link(s) to Reference(s)
Previously Published As
Government Document
ISBN
ISMN
ISSN
Other Identifiers
Rights
Attribution-NonCommercial-ShareAlike 4.0 International
Types
technical report
Accessibility Feature
Accessibility Hazard
Accessibility Summary
Link(s) to Catalog Record

Version History

Now showing 1 - 2 of 2
VersionDateSummary
2*
2019-05-09 11:11:17
Explanatory sentences added throughout text. Important definitions placed in displays, rearranged definitions in section 3, and added acknowledgement section.
2019-02-28 13:02:12
* Selected version