A user model for information erasure.
Paper in proceedings, 2009

Hunt and Sands (ESOP'08) studied a notion of information erasure for systems which receive secrets intended for limited-time use. Erasure demands that once a secret has fulfilled its purpose the subsequent behaviour of the system should reveal no information about the erased data. In this paper we address a shortcoming in that work: for erasure to be possible the user who provides data must also play his part, but previously that role was only specified informally. Here we provide a formal model of the user and a collection of requirements called erasure friendliness. We prove that an erasure-friendly user can be composed with an erasing system (in the sense of Hunt and Sands) to obtain a combined system which is jointly erasing in an appropriate sense. In doing so we identify stronger requirements on the user than those informally described in the previous work.


Filippo Del Tedesco

Chalmers, Computer Science and Engineering

David Sands

Chalmers, Computer Science and Engineering

Proceedings 7th International Workshop on Security Issues in Concurrency, Bologna (Italy), 5th September 2009

Vol. EPTCS 7


Computer Science
