A Type-Based Approach to Program Security
MetadataShow full item record
This paper presents a type system which guarantees that well-typed programs in a procedural programming language satisfy a noninterference security property. With all program inputs and outputs classified at various security levels, the property basically states that a program output, classified at some level, can never change as a result of modifying only inputs classified at higher levels. Intuitively, this means the program does not “leak” sensitive data. The property is similar to a notion introduced years ago by Goguen and Meseguer to model secu- rity in multi-level computer systems . We also give an algorithm for inferring and simplifying principal types, which document the security requirements of programs.
The article of record as published may be found at http://dx.doi.org/
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Showing items related by title, author, creator and subject.
Smith, Geoffrey; Volpano, Dennis (ACM, 1998-01-00);Previously, we developed a type system to ensure secure information flow in a sequential imperative programming language [VSI96]. Program variables are classified as either high or low security intuitively. We wish to ...
Study on the applicability of and use of property management regulations in support of major acquisition programs in the Department of the Navy Castro, Robert A. (Monterey, California. Naval Postgraduate School, 2001-12);The purchase of millions of dollars in Government property by various programs within the Department of the Navy in the development of many ACAT-1 Major Systems acquisition programs need to be reviewed to determine if the ...
Unknown author (Monterey, California: Naval Postgraduate School, 2019);The objective of the Ordnance and Ballistics Technology Working Group Meeting is to provide researchers, developers, and program managers (from government, academia, and industry) a forum for the exchange of information ...