Thomas H. Austin, Jean Yang, C. Flanagan, Armando Solar-Lezama
{"title":"策略不可知程序的分面执行","authors":"Thomas H. Austin, Jean Yang, C. Flanagan, Armando Solar-Lezama","doi":"10.1145/2465106.2465121","DOIUrl":null,"url":null,"abstract":"It is important for applications to protect sensitive data. Even for simple confidentiality and integrity policies, it is often difficult for programmers to reason about how the policies should interact and how to enforce policies across the program. A promising approach is policy-agnostic programming, a model that allows the programmer to implement policies separately from core functionality. Yang et al. describe Jeeves, a programming language that supports information flow policies describing how to reveal sensitive values in different output channels. Jeeves uses symbolic evaluation and constraint-solving to produce outputs adhering to the policies. This strategy provides strong confidentiality guarantees but limits expressiveness and implementation feasibility.\n We extend Jeeves with faceted values, which exploit the structure of sensitive values to yield both greater expressiveness and to facilitate reasoning about runtime behavior. We present a faceted semantics for Jeeves and describe a model for propagating multiple views of sensitive information through a program. We provide a proof of termination-insensitive non-interference and describe how the semantics facilitate reasoning about program behavior.","PeriodicalId":119000,"journal":{"name":"ACM Workshop on Programming Languages and Analysis for Security","volume":"5 3","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"63","resultStr":"{\"title\":\"Faceted execution of policy-agnostic programs\",\"authors\":\"Thomas H. Austin, Jean Yang, C. Flanagan, Armando Solar-Lezama\",\"doi\":\"10.1145/2465106.2465121\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"It is important for applications to protect sensitive data. Even for simple confidentiality and integrity policies, it is often difficult for programmers to reason about how the policies should interact and how to enforce policies across the program. A promising approach is policy-agnostic programming, a model that allows the programmer to implement policies separately from core functionality. Yang et al. describe Jeeves, a programming language that supports information flow policies describing how to reveal sensitive values in different output channels. Jeeves uses symbolic evaluation and constraint-solving to produce outputs adhering to the policies. This strategy provides strong confidentiality guarantees but limits expressiveness and implementation feasibility.\\n We extend Jeeves with faceted values, which exploit the structure of sensitive values to yield both greater expressiveness and to facilitate reasoning about runtime behavior. We present a faceted semantics for Jeeves and describe a model for propagating multiple views of sensitive information through a program. We provide a proof of termination-insensitive non-interference and describe how the semantics facilitate reasoning about program behavior.\",\"PeriodicalId\":119000,\"journal\":{\"name\":\"ACM Workshop on Programming Languages and Analysis for Security\",\"volume\":\"5 3\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-06-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"63\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Workshop on Programming Languages and Analysis for Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2465106.2465121\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Workshop on Programming Languages and Analysis for Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2465106.2465121","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
It is important for applications to protect sensitive data. Even for simple confidentiality and integrity policies, it is often difficult for programmers to reason about how the policies should interact and how to enforce policies across the program. A promising approach is policy-agnostic programming, a model that allows the programmer to implement policies separately from core functionality. Yang et al. describe Jeeves, a programming language that supports information flow policies describing how to reveal sensitive values in different output channels. Jeeves uses symbolic evaluation and constraint-solving to produce outputs adhering to the policies. This strategy provides strong confidentiality guarantees but limits expressiveness and implementation feasibility.
We extend Jeeves with faceted values, which exploit the structure of sensitive values to yield both greater expressiveness and to facilitate reasoning about runtime behavior. We present a faceted semantics for Jeeves and describe a model for propagating multiple views of sensitive information through a program. We provide a proof of termination-insensitive non-interference and describe how the semantics facilitate reasoning about program behavior.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
