Aslan Askarov ; Andrew Myers - Attacker Control and Impact for Confidentiality and Integrity

lmcs:987 - Logical Methods in Computer Science, September 26, 2011, Volume 7, Issue 3 - https://doi.org/10.2168/LMCS-7(3:17)2011
Attacker Control and Impact for Confidentiality and IntegrityArticle

Authors: Aslan Askarov ; Andrew Myers

    Language-based information flow methods offer a principled way to enforce strong security properties, but enforcing noninterference is too inflexible for realistic applications. Security-typed languages have therefore introduced declassification mechanisms for relaxing confidentiality policies, and endorsement mechanisms for relaxing integrity policies. However, a continuing challenge has been to define what security is guaranteed when such mechanisms are used. This paper presents a new semantic framework for expressing security policies for declassification and endorsement in a language-based setting. The key insight is that security can be characterized in terms of the influence that declassification and endorsement allow to the attacker. The new framework introduces two notions of security to describe the influence of the attacker. Attacker control defines what the attacker is able to learn from observable effects of this code; attacker impact captures the attacker's influence on trusted locations. This approach yields novel security conditions for checked endorsements and robust integrity. The framework is flexible enough to recover and to improve on the previously introduced notions of robustness and qualified robustness. Further, the new security conditions can be soundly enforced by a security type system. The applicability and enforcement of the new policies is illustrated through various examples, including data sanitization and authentication.


    Volume: Volume 7, Issue 3
    Published on: September 26, 2011
    Imported on: June 14, 2010
    Keywords: Computer Science - Programming Languages,Computer Science - Cryptography and Security,D.3.3, D.4.6
    Funding:
      Source : OpenAIRE Graph
    • Team for Research in Ubiquitous Secure Technology (TRUST); Funder: National Science Foundation; Code: 0424422
    • TC: Medium: Higher-Level Abstractions for Trustworthy Federated Systems; Funder: National Science Foundation; Code: 0964409

    23 Documents citing this article

    Consultation statistics

    This page has been seen 1434 times.
    This article's PDF has been downloaded 515 times.