Coarse-Grained Information Flow Control on Hybrid Clouds

2016 ◽  
Author(s):  
Chien-An Lai ◽  
Asser N. Tantawi ◽  
Calton Pu
Keyword(s):  
Flow Control ◽  
Information Flow ◽  
Coarse Grained ◽  
Information Flow Control ◽  
Hybrid Clouds

scholarly journals Flexible dynamic information flow control in the presence of exceptions

2017 ◽  
Vol 27 ◽  
Author(s):  
DEIAN STEFAN ◽  
DAVID MAZIÈRES ◽  
JOHN C. MITCHELL ◽  
ALEJANDRO RUSSO
Keyword(s):  
Flow Control ◽  
Information Flow ◽  
Information Leakage ◽  
Coarse Grained ◽  
Sensitive Information ◽  
Data Confidentiality ◽  
Information Flow Control ◽  
Dynamic Information ◽  
Discretionary Access Control ◽  
Fine Grained

AbstractWe describe a language-based, dynamic information flow control (IFC) system called LIO. Our system presents a new design point for IFC, influenced by the challenge of implementing IFC as a Haskell library, as opposed to the more typical approach of modifying the language runtime system. In particular, we take a coarse-grained, floating-label approach, previously used by IFC Operating Systems, and associate a single, mutable label—thecurrent label—with all the data in a computation's context. This label is always raised to reflect the reading of sensitive information and it is used to restrict the underlying computation's effects. To preserve the flexibility of fine-grained systems, LIO also provides programmers with a means for associating an explicit label with a piece of data. Interestingly, these labeled values can be used to encapsulate the results of sensitive computations which would otherwise lead to the creeping of the current label. Unlike other language-based systems, LIO also bounds the current label with acurrent clearance, providing a form of discretionary access control that LIO programs can use to deal with covert channels. Moreover, LIO provides programmers with mutable references and exceptions. The latter, exceptions, are used in LIO to encode and recover from monitor failures, all while preserving data confidentiality and integrity—this addresses a longstanding concern that dynamic IFC is inherently prone to information leakage due to monitor failure.

scholarly journals A Noninterference Model for Mobile OS Information Flow Control and Its Policy Verification

2021 ◽  
Vol 2021 ◽  
pp. 1-22
Author(s):  
Zhanhui Yuan ◽  
Wenfa Li ◽  
Zhi Yang ◽  
Lei Sun ◽  
Xuehui Du ◽  
...  
Keyword(s):  
Flow Control ◽  
Information Flow ◽  
Operating Systems ◽  
Search Algorithm ◽  
Coarse Grained ◽  
Covert Channel ◽  
Covert Channels ◽  
Information Flow Control ◽  
Label Change ◽  
Security Property

Mobile operating systems such as Android are facing serious security risk. First, they have a large number of users and store a large number of users’ private data, which have become major targets of network attack; second, their openness leads to high security risks; third, their coarse-grained static permission control mechanism leads to a large number of privacy leaks. Recent decentralized information flow control (DIFC) operating systems such as Asbestos, HiStar, and Flume dynamically adjust the label of each process. Asbestos contains inherent covert channels due to this implicit label adjustment. The others close these covert channels through the use of explicit label change, but this impedes communication and increases performance overhead. We present an enhanced implicit label change model (EILCM) for mobile operating systems that can close the known covert channel in these models with implicit label change and supports dynamic constraints on tags for separation of duty. We also formally analyze the reasons why EILCM can close the known covert channels and prove that abstract EILCM systems have the security property of noninterference with declassification by virtue of the model checker tool FDR. We also prove that the problem of EILCM policy verification is NP-complete and propose a backtrack-based search algorithm to solve the problem. Experiments are presented to show that the algorithm is effective.

scholarly journals From fine- to coarse-grained dynamic information flow control and back

2019 ◽  
Vol 3 (POPL) ◽  
pp. 1-31 ◽  
Author(s):  
Marco Vassena ◽  
Alejandro Russo ◽  
Deepak Garg ◽  
Vineet Rajani ◽  
Deian Stefan
Keyword(s):  
Flow Control ◽  
Information Flow ◽  
Coarse Grained ◽  
Information Flow Control ◽  
Dynamic Information

HLIO: mixing static and dynamic typing for information-flow control in Haskell

2015 ◽  
Vol 50 (9) ◽  
pp. 289-301 ◽  
Author(s):  
Pablo Buiras ◽  
Dimitrios Vytiniotis ◽  
Alejandro Russo
Keyword(s):  
Flow Control ◽  
Information Flow ◽  
Information Flow Control ◽  
Dynamic Typing

scholarly journals Tenant-Led Ciphertext Information Flow Control for Cloud Virtual Machines

IEEE Access ◽  
2021 ◽  
Vol 9 ◽  
pp. 15156-15169
Author(s):  
Zhao Zhang ◽  
Zhi Yang ◽  
Xuehui Du ◽  
Wenfa Li ◽  
Xingyuan Chen ◽  
...  
Keyword(s):  
Flow Control ◽  
Information Flow ◽  
Virtual Machines ◽  
Information Flow Control

Exception-based information flow control in object-oriented systems

1998 ◽  
Vol 1 (1) ◽  
pp. 26-65 ◽  
Author(s):  
Elisa Bertino ◽  
Sabrina De Capitani Di Vimercati ◽  
Elena Ferrari ◽  
Pierangela Samarati
Keyword(s):  
Flow Control ◽  
Information Flow ◽  
Object Oriented ◽  
Information Flow Control ◽  
Object Oriented Systems
Sign in / Sign up

Export Citation Format

Share Document