This paper presents a new model for controlling information flow in systems with mutual distrust and decentralized authority. The model allows users to share information with distrusted code (e.g., downloaded applets), yet still control how that code disseminates the shared information to others. The model improves on existing multilevel security models by allowing users to declassify information in a decentralized way, and by improving support for fine-grained data sharing. The paper also shows how static program analysis can be used to certify proper information flows in this model and to avoid most run-time information flow checks.
CITATION STYLE
Myers, A. C., & Liskov, B. (1997). A Decentralized Model for Information Flow Control. Operating Systems Review (ACM), 31(5), 129–142. https://doi.org/10.1145/269005.266669
Mendeley helps you to discover research relevant for your work.