Implementing Erasure Policies Using Taint Analysis
Paper i proceeding, 2012

Security or privacy-critical applications often require access to sensitive information in order to function. But in accordance with the principle of least privilege – or perhaps simply for legal compliance – such applications should not retain said information once it has served its purpose. In such scenarios, the timely disposal of data is known as an information erasure policy. This paper studies software-level information erasure policies for the data manipulated by programs. The paper presents a new approach to the enforcement of such policies. We adapt ideas from dynamic taint analysis to track how sensitive data sources propagate through a program and erase them on demand. The method is implemented for Python as a library, with no modifications to the runtime system. The library is easy to use, and allows programmers to indicate information-erasure policies with only minor modifications to their code.

taint analysis

erasure

library

Författare

Filippo Del Tedesco

Programvaruteknik (Chalmers)

Forskning Andra publikationer

Alejandro Russo

Chalmers, Data- och informationsteknik, Datavetenskap

Forskning Andra publikationer

David Sands

Chalmers, Data- och informationsteknik, Datavetenskap

Forskning Andra publikationer

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

03029743 (ISSN) 16113349 (eISSN)

Vol. 7127 LNCS 193-209

Ämneskategorier

Datavetenskap (datalogi)

DOI

10.1007/978-3-642-27937-9_14

Publikationsdata kopplat till DOI

Mer information

Senast uppdaterat

2024-10-28

Feedback och support

Om du har frågor, behöver hjälp, hittar en bugg eller vill ge feedback kan du göra det här nedan. Du når oss också direkt per e-post research.lib@chalmers.se.

Om tjänsten

Research.chalmers.se innehåller information om forskning på Chalmers, publikationer och projekt inklusive information om finansiärer och samarbetspartners.

Läs mer om tjänsten, täckningsgrad och vilka som kan se informationen

Personuppgifter och cookies

Tillgänglighet

Citation Style Language
citeproc-js (Frank Bennett)

Länkar

Chalmers bibliotek
Chalmers forskning
Chalmers examensarbeten

Chalmers tekniska högskola

412 96 GÖTEBORG
TELEFON: 031-772 10 00
WWW.CHALMERS.SE