Abstract
Data-intensive applications as popularised by cloud computing raise many security challenges, due to the large number of remote users involved and multi-tenancy. Frequently, the security compartment associated to data stored in shared containers, such as database tables, is not determined by the static structure of the database schema, but depends on runtime data values, as required to ensure so-called "row-level" security. In this paper, we investigate a programming language approach to these issues, based on a -calculus extended with data manipulation primitives. We develop a type-based information flow analysis introducing a notion of value-indexed security labels, representing value-indexed security levels, or compartments. Our results ensure that well-typed programs do not break confidentiality constraints imposed by a declared security discipline. © Springer International Publishing Switzerland 2014.
Cite
CITATION STYLE
Lourenço, L., & Caires, L. (2014). Information flow analysis for valued-indexed data security compartments. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8358 LNCS, pp. 180–198). Springer Verlag. https://doi.org/10.1007/978-3-319-05119-2_11
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
