“Complete, Safe Information Flow with Decentralized Labels” by Andrew C. Myers and Barbara Liskov. In 19th IEEE Symposium on Research in Security and Privacy (RSP), (Oakland, California), May 1998.
The growing use of mobile code in downloaded applications and servlets has increased interest in robust mechanisms for ensuring privacy and secrecy. Information flow control is intended to directly address privacy and secrecy concerns, but most information flow models are too restrictive to be widely used. The decentralized label model is a new information flow model that extends traditional models with per-principal information flow policies and also permits a safe form of declassification. This paper extends this new model further, making it more flexible and expressive. We define a new formal semantics for decentralized labels and a corresponding new rule for relabeling data that is both sound and complete. We also show that these extensions preserve the ability to statically check information flow.
BibTeX entry:
@inproceedings{myers98complete,
author = {Andrew C. Myers and Barbara Liskov},
title = {Complete, Safe Information Flow with Decentralized Labels},
booktitle = {19th {IEEE} Symposium on Research in Security and Privacy
(RSP)},
address = {Oakland, California},
month = may,
year = {1998},
url = {http://citeseer.ist.psu.edu/myers98complete.html}
}
Programming Methodology Group