While a rigorous information flow analysis is a key step in obtaining meaningful end-to-end confidentiality guarantees, one must also permit possibilities for declassification. Sabelfeld and Sands categorized the existing approaches to controlling declassification in their overview along four dimensions and according to four prudent principles [16]. In this article, we propose three novel security conditions for controlling the dimensions where and what, and we explain why these conditions constitute improvements over prior approaches. Moreover, we present a type-based security analysis and, as another novelty, prove a soundness result that considers more than one dimension of declassification. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Mantel, H., & Reinhard, A. (2007). Controlling the what and where of declassification in language-based security. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4421 LNCS, pp. 141–156). Springer Verlag. https://doi.org/10.1007/978-3-540-71316-6_11
Mendeley helps you to discover research relevant for your work.