Confidentiality enforcement by hybrid control of information flows

by   Joachim Biskup, et al.

An information owner, possessing diverse data sources, might want to offer information services based on these sources to cooperation partners and to this end interact with these partners by receiving and sending messages, which the owner on his part generates by program execution. Independently from data representation or its physical storage, information release to a partner might be restricted by the owner's confidentiality policy on an integrated, unified view of the sources. Such a policy should even be enforced if the partner as an intelligent and only semi-honest attacker attempts to infer hidden information from message data, also employing background knowledge. For this problem of inference control, we present a framework for a unified, holistic control of information flow induced by program-based processing of the data sources to messages sent to a cooperation partner. Our framework expands on and combines established concepts for confidentiality enforcement and its verification and is instantiated in a Java environment. More specifically, as a hybrid control we combine gradual release of information via declassification, enforced by static program analysis using a security type system, with a dynamic monitoring approach. The dynamic monitoring employs flow tracking for generalizing values to be declassified under confidentiality policy compliance.


page 1

page 2

page 3

page 4


Towards a General-Purpose Dynamic Information Flow Policy

Noninterference offers a rigorous end-to-end guarantee for secure propag...

Information flow in a distributed security setting

Information flow security is classically formulated in terms of the abse...

LUCON: Data Flow Control for Message-Based IoT Systems

Today's emerging Industrial Internet of Things (IIoT) scenarios are char...

SNITCH: Dynamic Dependent Information Flow Analysis for Independent Java Bytecode

Software testing is the most commonly used technique in the industry to ...

Modular Information Flow through Ownership

Statically analyzing information flow, or how data influences other data...

Control-flow Flattening Preserves the Constant-Time Policy (Extended Version)

Obfuscating compilers protect a software by obscuring its meaning and im...

Should transparency be (in-)transparent? On monitoring aversion and cooperation in teams

Many modern organisations employ methods which involve monitoring of emp...

Please sign up or login with your details

Forgot password? Click here to reset