The Anatomy and Facets of Dynamic Policies
Paper in proceeding, 2015
Information flow policies are often dynamic; the security concerns of a program will typically change during execution to reflect security-relevant events. A key challenge is how to best specify, and give proper meaning to, such dynamic policies. A large number of approaches exist that tackle that challenge, each yielding some important, but unconnected, insight. In this work we synthesise existing knowledge on dynamic policies, with an aim to establish a common terminology, best practices, and frameworks for reasoning about them. We introduce the concept of facets to illuminate subtleties in the semantics of policies, and closely examine the anatomy of policies and the expressiveness of policy
specification mechanisms. We further explore the relation between dynamic policies and the concept of declassification.
declassification
dynamic policies
information flow control
facets
Author
Niklas Broberg
Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)
Bart van Delft
Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)
David Sands
Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)
Published in
Proceedings. The Computer Security Foundations Workshop III
1063-6900 (ISSN)
Vol. 2015-September p. 122-136978-1-4673-7538-2 (ISBN)
Categorizing
Areas of Advance
Information and Communication Technology
Subject Categories (SSIF 2011)
Computer and Information Science
Identifiers
DOI
10.1109/CSF.2015.16
ISBN
978-1-4673-7538-2