Information flow in trust management systems

Cited by: 4
Authors
Becker, Moritz [1]
Affiliation
[1] Microsoft Res, 7 JJ Thomson Ave, Cambridge, England
Keywords
Information flow; access control; trust management; policy language; Datalog; probing attack; opacity
DOI
10.3233/JCS-2012-0443
CLC classification
TP [Automation technology, computer technology]
Subject classification code
0812
Abstract
This article proposes a systematic study of information flow in credential-based declarative authorization policies. It argues that a treatment in terms of information flow is needed to adequately describe, analyze and mitigate a class of probing attacks that allow an adversary to infer any confidential fact within a policy. Two information flow properties that have been studied in the context of state transition systems, non-interference and opacity, are reformulated in the current context of policy languages. A comparison between these properties reveals that opacity is the more useful and more general of the two; indeed, it is shown that non-interference can be stated in terms of opacity. The article then presents an inference system for non-opacity, or detectability, in Datalog-based policies. Finally, a pragmatic method is presented, based on a mild modification of the mechanics of delegation, for preventing a particularly dangerous kind of probing attack that abuses delegation of authority.
Pages: 677 / 708
Page count: 32