Title: Stateful declassification policies for event-driven programs
Authors: Vanhoef, Mathy ×
De Groef, Willem
Devriese, Dominique
Piessens, Frank
Rezk, Tamara #
Issue Date: 22-Jul-2014
Publisher: IEEE
Host Document: 2014 IEEE 27th Computer Security Foundations Symposium (CSF 2014) pages:293-307
Conference: Computer Security Foundations (CSF 2014) edition:27 location:TU Wien, Vienna, Austria date:19-22 July 2014
Abstract: We propose a novel mechanism for enforcing information flow policies with support for declassification on event-driven programs. Declassification policies consist of two functions. First, a projection function specifies for each confidential event what information in the event can be declassified directly. This generalizes the traditional security labelling of inputs. Second, a stateful release function specifies the aggregate information about all confidential events seen so far that can be declassified. We provide evidence that such declassification policies are useful in the context of JavaScript web applications. An enforcement mechanism for our policies is presented and its soundness and precision is proven. Finally, we give evidence of practicality by implementing and evaluating the mechanism in a browser.
Publication status: published
KU Leuven publication type: IC
Appears in Collections:Informatics Section
× corresponding author
# (joint) last author

Files in This Item:
File Description Status SizeFormat
sme_declassification.pdf Accepted 249KbAdobe PDFView/Open


All items in Lirias are protected by copyright, with all rights reserved.

© Web of science