|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Declassification Policy Inference
If you have a question about this talk, please contact Sam Staton.
Security-type systems can provide strong information security guarantees but often require enormous programmer effort to be used in practice. In this talk, I will describe inference of fine-grained, human-readable declassification policies as a step towards providing security guarantees that are proportional to a programmer’s effort: the programmer should receive weak (but sound) security guarantees for little effort, and stronger guarantees for more effort.
I will present an information-flow type system with where policies may be inferred from existing program structure. The inference algorithm can find precise and intuitive descriptions of potentially dangerous information flows in a program, and policies specify what information is released under what conditions. A semantic security condition specifies what it means for a program to satisfy a policy.
Our work demonstrates the soundness of an analysis for programs in a simple imperative language with exceptions. Furthermore, we have extended the analysis to an object-sensitive interprocedural analysis for single-threaded Java 1.4 programs and developed a prototype implementation.
This talk is part of the Logic and Semantics Seminar (Computer Laboratory) series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsBeyond Academics miTalks Active Materials
Other talksThe genetic epidemiology of prostate cancer The 2015 Controlling Cancer Summit Sex, Disease and Fertility in History Lunchtime Talk: Collection highlight-Richard Pousette-Dart A Visual Programming Language for building Artificial Biochemistries in Haskell Fast transient brain states