Article

Free Access

A decentralized model for information flow control

Authors:
Andrew C. Myers

MIT Lab for Computer Science, 545 Technology Square, Cambridge, MA

MIT Lab for Computer Science, 545 Technology Square, Cambridge, MA
View Profile

,
Barbara Liskov

MIT Lab for Computer Science, 545 Technology Square, Cambridge, MA

MIT Lab for Computer Science, 545 Technology Square, Cambridge, MA
View Profile

SOSP '97: Proceedings of the sixteenth ACM symposium on Operating systems principlesOctober 1997Pages 129–142https://doi.org/10.1145/268998.266669

Published:01 October 1997Publication History

SOSP '97: Proceedings of the sixteenth ACM symposium on Operating systems principles

Pages 129–142

References

AR80.Gregory R. Andrews and Richard P. Reitman. An axiomatic approach to information flow in programs. ACM Transactions on Programming Languages and Systems, 2(1):56--76, 1980. Google ScholarDigital Library
Bib77.K.J. Biba. Integrity considerations for secure computer systems. Technical Report ESD-TR-76-372, USAF Electronic Systems Division, Bedford, M_A, April 1977.Google Scholar
BL75.D.E. Bell and L. J. LaPadula. Secure computer system: Un{-: fled exposition and Multics interpretation. Technical Report ESD-TR-75-306, MITRE Corp. MTR-2997, Bedford, MA, 1975. Available as NTIS AD-A023 588.Google Scholar
BN89.D.F. Brewer and I. Nash. The Chinese wall security policy. In Proc. of the IEEE Symposium on Security and Privacy, pages 206-258, May 1989.Google ScholarCross Ref
CW87.David Clark and David R. Wilson. A comparison of commerical and military computer security policies. In Proc. of the IEEE Symposium on Security and Privacy, pages 184.--194, 1987. ,Google Scholar
DD77.Dorothy E. Denning and Peter J. Denning. Certification of programs for secure information flow. Comm. of the ACM, 20(7):504--513, 1977. Google ScholarDigital Library
Den76.Dorothy E. Denning. A lattice model of secure information flow. Comm. of the ACM, 19(5):236-243, 1976. Google ScholarDigital Library
DG84.William F. Dowling and Jean H. G allier. Linear-t~'me algorithms for testing the satisfiability of propositional Horn for-' mula~. Journal of Logic Programming, 1(3):267-284, October 1984.Google ScholarCross Ref
Fol91.Simon N. Foley. A taxonomy for information flow policies and models. In Proc. of the IEEE Symposium on Security and Privacy, pages 98-108, 1991.Google ScholarCross Ref
GJS96.James Gosling, Bill Joy, and Guy Steele. The Java Language Specification. Addison-Wesley, August 1996. ISBN 0-201- 63451-1. Google ScholarDigital Library
GM84.I.A. Goguen and J. Meseguer. Unwinding and inference control. In Proc. of the IEEE Symposium on Security and Privacy, pages 11-20, April 1984.Google ScholarCross Ref
JG91.Pierre Jouvelot and David K. Gifford. Algebraiereconstmction of types and effects, in ACM Symposium on Principles of Programming Languages, pages 303--310, January 1991. Google ScholarDigital Library
JL78.Anita K. Jones and Barbara Liskov. A language extension for expressing constraints on data access. Cotton. of the ACM, 21(5):358--367, May 1978. Google ScholarDigital Library
LAB+84.Barbara Liskov, Russell Atkinson, Toby Bloom, J. Eliot Moss, J. Craig Schaffert, Robert Scheifler, and Alan Snyder. CLU Reference Manual. Springer-Verlag, 1984. Also published as Lecture Notes in Computer Science 114, G. Goos and J. Hartmanis, Eds., Springer-Vet'lag, 1981. Google ScholarDigital Library
LABW91.Butler Lampson, Mam'n Abadi, Michael Burrows, and Edward Wobber. Authentication in distributed systems: Theory and practice. In Proc. 13th ACM Syrup. on Operating System Principles (SOSP), pages 165.-I 82, October 199 i. Operating System Review, 253(5). Google ScholarDigital Library
Lam73.Buffer W. Lampson. A note on the confinement problem, Comm. of the ACM, 10:613--615, 1973. Google ScholarDigital Library
LY96.T. Lindholm and F. Yellin. The Java Virtual Machine, Addison-Wesley, Englewood Cliffs, NJ, May 1996. Google ScholarDigital Library
MMN90.Catherine J. McCollum, Judith R. Messing, and LouAnna No., targiacomo. Beyond the pale of MAC and DAC -- defining new forms of access control. In Proc. of the IEEE Symposhtnt on Security and Privacy, pages 190--200, 1990.Google ScholarCross Ref
MR92.M.D. Mcllroy and J.A. Reeds. Multilevel security In the UNIX tradition. Software--Practice and Experlence, 22(8):673--694, August 1992. Google ScholarDigital Library
Nec97.George C. Necula. Proof-carrying code, In Proc. of ACM Symp. on Principles of Programming Languages, pages 106-. 119, lanuary 1997. Google ScholarDigital Library
PO95.Jens Palsbergand PeterOrba:k. Trust in the,X-calculus, InProc, 2nd International Symposium on Static Analysts, number 983 la Lecture Notes in Computer Science, pages 314--329. Springer, September 1995. Google ScholarDigital Library
RM96.Jakob Rehof and Torben ,,E. Mogensen. Tractable constraint~ in finite semilattices. In Proc. 3rd Internatlonal Symposhtnt oil Static Analysis, number 1145 in Lecture Notes in Computer Science, pages 285-300. Springer-Verlag, September 1996, Google ScholarDigital Library
RSC92.joel l(ichardson, Peter Schwarz., and Luis-Fel{l~ Cabrera. CACL: Efficient fine-grained protection for objects, In Pro. ceedings of the 1992 ACM Conference on Object. Oriented Programming Systems, Languages, and Applications, pages 154--165,-Vancouver, BC, Canada, October 1992. Google ScholarDigital Library
Vol97.Dennls Volpano. Provably-secure programming languages for remote evaluation. ACM SIGPLAN Notices, 32(1):117-119, January 1997. Google ScholarDigital Library
VSI96.Dennis Volpano, Geoffrey Smith, and Cynthia Irvlne, A sound type system for secure flow analysis. Journal of Computer Security, 4(3):167-187, 1996. Google ScholarDigital Library

Index Terms

A decentralized model for information flow control
1. Security and privacy
  1. Systems security
    1. Operating systems security
2. Software and its engineering
  1. Software notations and tools
    1. General programming languages
      1. Language types
  2. Software organization and properties
    1. Contextual software domains
      1. Operating systems

Recommendations

AT-DIFC⁺: Toward Adaptive and Trust-Aware Decentralized Information Flow Control
Modern software systems and their corresponding architectures are increasingly decentralized, distributed, and dynamic. As a consequence, decentralized mechanisms are required to ensure security in such architectures. Decentralized Information Flow ...
Read More
An information flow control meta-model
SACMAT '13: Proceedings of the 18th ACM symposium on Access control models and technologies

In this paper a meta-model for information flow control is defined using the foundation of Barker's access control meta-model. The purposes for defining this meta-model is to achieve a more principled understanding of information flow control, to ...
Read More
Information Flow Control Model and Method in Distribute MILS
CIS '14: Proceedings of the 2014 Tenth International Conference on Computational Intelligence and Security

A new generation of avionics system has three major technical characteristics of high resource sharing, data integration and software intensive. However, in the cooperative combat environment, which has the problem of potential sensitive information ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SOSP '97: Proceedings of the sixteenth ACM symposium on Operating systems principles
October 1997
303 pages
ISBN:0897919165
DOI:10.1145/268998
Chairmen:
Michel Banâtre
IRISA/INRIA
,
Henry Levy
Univ. of Washington, Seattle
,
Editor:
William M. Waite
Univ. of Colorado, Boulder
ACM SIGOPS Operating Systems Review Volume 31, Issue 5
Dec. 1997
301 pages
ISSN:0163-5980
DOI:10.1145/269005
Chairmen:
Michel Banâtre
IRISA/INRIA
,
Henry Levy
Univ. of Washington, Seattle
,
Editor:
William M. Waite
Univ. of Colorado, Boulder
Issue’s Table of Contents
Copyright © 1997 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 October 1997
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- Article
Conference

Acceptance Rates
Overall Acceptance Rate131of716submissions,18%
Upcoming Conference
SOSP '24

Sponsor:

sigops

ACM SIGOPS 29th Symposium on Operating Systems Principles

November 5 - 8, 2024

Austin , TX , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 415
  Total Citations
  View Citations
- 3,321
  Total Downloads
- Downloads (Last 12 months)685
- Downloads (Last 6 weeks)188
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

A decentralized model for information flow control

SOSP '97: Proceedings of the sixteenth ACM symposium on Operating systems principles

References

Cited By

Index Terms

Recommendations

AT-DIFC⁺: Toward Adaptive and Trust-Aware Decentralized Information Flow Control

An information flow control meta-model

Information Flow Control Model and Method in Distribute MILS

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

A decentralized model for information flow control

SOSP '97: Proceedings of the sixteenth ACM symposium on Operating systems principles

References

Cited By

Index Terms

Recommendations

AT-DIFC+: Toward Adaptive and Trust-Aware Decentralized Information Flow Control

An information flow control meta-model

Information Flow Control Model and Method in Distribute MILS

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media

AT-DIFC⁺: Toward Adaptive and Trust-Aware Decentralized Information Flow Control