Skip to main content
Conference ProceedingsOPEN ACCESS

Stateful declassification policies for event-driven programs

Proceedings of the Computer Security Foundations Workshop (2014) 2014-January 293-307
DOI: 10.1109/CSF.2014.28
29Citations
Citations of this article
18Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We propose a novel mechanism for enforcing information flow policies with support for declassification on event-driven programs. Declassification policies consist of two functions. First, a projection function specifies for each confidential event what information in the event can be declassified directly. This generalizes the traditional security labelling of inputs. Second, a stateful release function specifies the aggregate information about all confidential events seen so far that can be declassified. We provide evidence that such declassification policies are useful in the context of Java Script web applications. An enforcement mechanism for our policies is presented and its soundness and precision is proven. Finally, we give evidence of practicality by implementing and evaluating the mechanism in a browser.

Cite

CITATION STYLE

APA

Vanhoef, M., De Groef, W., Devriese, D., Piessens, F., & Rezk, T. (2014). Stateful declassification policies for event-driven programs. In Proceedings of the Computer Security Foundations Workshop (Vol. 2014-January, pp. 293–307). IEEE Computer Society. https://doi.org/10.1109/CSF.2014.28

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free