Design and Implementation of Facets of Dynamic Policies
Pages 37 - 39
Abstract
Information Flow Control (IFC) in dynamic contexts is challenging due to different interpretations of security that arise. This paper introduces a modular framework to address this challenge. We present a dynamic floating-label enforcement mechanism that can be instantiated based on the intended security. Our approach formalizes a simply typed λ-calculus, extended with IFC operations, and adopts an epistemic perspective on security definition.
References
[1]
A. M. Ahmadian and M. Balliu. 2022. Dynamic Policies Revisited. In 2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P). IEEE Computer Society, Los Alamitos, CA, USA. 448–466. https://doi.org/10.1109/EuroSP53844.2022.00035
[2]
N. Broberg, B. van Delft, and D. Sands. 2015. The Anatomy and Facets of Dynamic Policies. In 2015 IEEE 28th Computer Security Foundations Symposium (CSF). IEEE Computer Society, Los Alamitos, CA, USA. 122–136. issn:1063-6900 https://doi.org/10.1109/CSF.2015.16
[3]
Pablo Buiras and Bart van Delft. 2015. Dynamic Enforcement of Dynamic Policies. In Proceedings of the 10th ACM Workshop on Programming Languages and Analysis for Security (PLAS’15). Association for Computing Machinery, New York, NY, USA. 28–41. isbn:9781450336611 https://doi.org/10.1145/2786558.2786563
[4]
S. Chong and A. Askarov. 2012. Learning is Change in Knowledge: Knowledge-Based Security for Dynamic Policies. In 2012 IEEE 25th Computer Security Foundations Symposium. IEEE Computer Society, Los Alamitos, CA, USA. 308–322. issn:1063-6900 https://doi.org/10.1109/CSF.2012.31
[5]
Niki Vazou, Eric L. Seidel, Ranjit Jhala, Dimitrios Vytiniotis, and Simon Peyton-Jones. 2014. Refinement Types for Haskell. In Proceedings of the 19th ACM SIGPLAN International Conference on Functional Programming (ICFP ’14). Association for Computing Machinery, New York, NY, USA. 269–282. isbn:9781450328739 https://doi.org/10.1145/2628136.2628161
Index Terms
- Design and Implementation of Facets of Dynamic Policies
Recommendations
Dynamic Enforcement of Dynamic Policies
PLAS'15: Proceedings of the 10th ACM Workshop on Programming Languages and Analysis for SecurityThis paper presents SLIO, an information-flow control mechanism enforcing dynamic policies: security policies which change the relation between security levels while the system is running. SLIO builds on LIO, a floating-label information-flow control ...
Learning is Change in Knowledge: Knowledge-Based Security for Dynamic Policies
CSF '12: Proceedings of the 2012 IEEE 25th Computer Security Foundations SymposiumIn systems that handle confidential information, the security policy to enforce on information frequently changes: new users join the system, old users leave, and sensitivity of data changes over time. It is challenging, yet important, to specify what ...
LWeb: information flow security for multi-tier web applications
This paper presents LWeb, a framework for enforcing label-based, information flow policies in database-using web applications. In a nutshell, LWeb marries the LIO Haskell IFC enforcement library with the Yesod web programming framework. The ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 22 October 2023
Check for updates
Author Tags
Qualifiers
- Short-paper
Conference
SPLASH '23
Sponsor:
SPLASH '23: 2023 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity
October 22 - 27, 2023
Cascais, Portugal
Upcoming Conference
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 38Total Downloads
- Downloads (Last 12 months)19
- Downloads (Last 6 weeks)1
Reflects downloads up to 12 Nov 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in