Very static enforcement of dynamic policies
- Submitting institution
-
City, University of London
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 751
- Type
- E - Conference contribution
- DOI
-
10.1007/978-3-662-46666-7_3
- Title of conference / published proceedings
- Principles of Security and Trust. POST 2015
- First page
- 32
- Volume
- 9036 LNCS
- Issue
- -
- ISSN
- 0302-9743
- Open access status
- Out of scope for open access requirements
- Month of publication
- April
- Year of publication
- 2015
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
2
- Research group(s)
-
-
- Citation count
- -
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- Output shows how a static dependency analysis can be used to verify a wide class of dynamic information-flow security policies and applies the method to a novel definition of progress-insensitive security. It is significant because previous work develops tailor-made analyses for each specific form of dynamic policy, with tailor-made correctness proofs to match, whereas we identify a common underlying semantic dependency property with a single, widely reusable, analysis and proof technique. It also fixes a "pathological attacker" anomaly in prior work, allowing us to verify security against all attackers.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -
