Encoding information flow in Aura

Encoding information flow in Aura,10.1145/1554339.1554344,Limin Jia,Steve Zdancewic

Encoding information flow in Aura   (Citations: 5)
BibTex | RIS | RefWorks Download
Two of the main ways to protect security-sensitive resources in computer systems are to enforce access-control policies and information-flow policies. In this paper, we show how to enforce information-flow policies in AURA, which is a programming language for access control. When augmented with this mechanism for enforcing information-flow polices, AURA can further improve the security of reference monitors that implement access control. We show how to encode security types and lattices of security labels using AURA's existing constructs for autho- rization logic. We prove a noninterference theorem for this encoding. We also investigate how to use expressive access- control policies specified in authorization logic as the poli- cies for information declassification.
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
Sort by: