Language-based information-flow security
Indexed incrossref
Abstract
Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attacker's observations of system output; this policy regulates information flow. Conventional security mechanisms such as access control and encryption do not directly address the enforcement of information-flow policies. Previously, a promising new approach has been developed: the use of programming-language techniques for specifying and enforcing information-flow policies. In this paper, we survey the past…
Citation impact
1,892
total citations
- FWCI
- 129.76
- Percentile
- 100%
- References
- 170
Citations per year
Authors
2Topics & keywords
Topics
Keywords
- Computer science
- Computer security
- Information flow
- Security policy
- Confidentiality
- Encryption
- Information security
- Information security standards
UN Sustainable Development Goals
- Peace, Justice and strong institutions
No related works found for this paper.