Information Integrity Policies

Information integrity policies are traditionally enforced by access control mechanisms that prevent unauthorized users from modifying data. However, access control does not provide end-to-end assurance of integrity. For that reason, integrity guarantees in the form of noninterference assertions have been proposed. Despite the appeal of such information-flow-based approaches to integrity, that solution is also unsatisfactory because it leads to a weaker notion of integrity than needed.
