Declassification: Dimensions and Principles
Artikel i vetenskaplig tidskrift, 2009

Computing systems often deliberately release (or declassify) sensitive information. A principal security concern for systems permitting information release is whether this release is safe: is it possible that the attacker compromises the information release mechanism and extracts more secret information than intended? While the security community has recognised the importance of the problem, the state-of-the-art in information release is, unfortunately, a number of approaches with somewhat unconnected semantic goals. We provide a road map of the main directions of current research, by classifying the basic goals according to what information is released, who releases information, where in the system information is released and when information can be released. With a general declassification framework as a long-term goal, we identify some prudent principles of declassification. These principles shed light on existing definitions and may also serve as useful “sanity checks" for emerging models.

Information flow

Declassification

Författare

Andrei Sabelfeld

Chalmers, Data- och informationsteknik, Datavetenskap

David Sands

Chalmers, Data- och informationsteknik, Datavetenskap

Journal of Computer Security

0926-227X (ISSN)

Vol. 17 5 517-548

Ämneskategorier

Programvaruteknik

Datavetenskap (datalogi)

DOI

10.3233/JCS-2009-0352