Updatable Security Views

Penn collection
Departmental Papers (CIS)
Subject
authorisation
formal languages
access control
bidirectional language
bidirectional string combinator
confidential information
confidentiality policy
noninterference property
secure lenses
security views
security-annotated regular expression
source data access
view update problem
Security views
confidentiality
information flow
integrity
lenses
regular types
view update
Abstract

Security views are a flexible and effective mechanism for controlling access to confidential information. Rather than allowing untrusted users to access source data directly, they are instead provided with a restricted view, from which all confidential information has been removed. The program that generates the view effectively embodies a confidentiality policy for the underlying source data. However, this approach has a significant drawback: it prevents users from updating the data in the view. To address the "view update problem" in general, a number of bidirectional languages have been proposed. Programs in these languages, often called lenses, can be run in two directions: read from left to right, they map sources to views; from right to left, they map updated views back to updated sources. However, existing bidirectional languages do not deal adequately with security. In particular, they do not provide a way to ensure the integrity of source data as it is manipulated by untrusted users of the view. We propose a novel framework of secure lenses that addresses these shortcomings. We enrich the types of basic lenses with equivalence relations capturing notions of confidentiality and integrity, and formulate the essential security conditions as non-interference properties. We then instantiate this framework in the domain of string transformations, developing syntax for bidirectional string combinators with security-annotated regular expressions as their types.
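The following Python sketch is an added illustration of the ideas in the abstract; it is not code from the paper, and it is not the Boomerang string combinators or the type system the paper develops. It hand-writes one lens over a constructed record format ("id:name:salary", one record per line, with the labels assumed for the example: id trusted, name public and editable, salary confidential), then checks the two classic round-trip laws and the two security conditions dynamically: get must not depend on confidential data, and put must not let an untrusted edit of the view change trusted data. The paper guarantees these statically through security-annotated types; here they are only tested on sample input.

```python
"""Toy secure lens over line-oriented string data.

Added illustration only: not the paper's Boomerang combinators or its
type system. One hand-written lens, with the lens laws and the two
security conditions checked dynamically on constructed sample data.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Callable

# Constructed source format: one record per line, "<id>:<name>:<salary>".
# Assumed labels: id is trusted (high integrity), name is public and
# editable, salary is confidential and must never appear in the view.
SOURCE = "101:alice:120000\n102:bob:95000"

Record = tuple[str, str, str]


def parse_source(src: str) -> list[Record]:
    recs: list[Record] = []
    for line in src.splitlines():
        parts = line.split(":")
        if len(parts) != 3:
            raise ValueError(f"malformed source record: {line!r}")
        recs.append((parts[0], parts[1], parts[2]))
    return recs


def get(src: str) -> str:
    """Forward direction: project away the confidential salary field."""
    return "\n".join(f"{i}:{n}" for i, n, _ in parse_source(src))


def put(view: str, src: str) -> str:
    """Backward direction: merge an edited view with the original source.

    Salaries are restored from the source, keyed by the trusted id. An
    edit that would add, drop or reorder ids is refused, because ids are
    trusted data that an untrusted view user may not influence.
    """
    salary_of = {i: sal for i, _, sal in parse_source(src)}
    view_ids: list[str] = []
    names: dict[str, str] = {}
    for line in view.splitlines():
        parts = line.split(":")
        if len(parts) != 2:
            raise ValueError(f"malformed view record: {line!r}")
        view_ids.append(parts[0])
        names[parts[0]] = parts[1]
    if view_ids != list(salary_of):
        raise PermissionError("view update would alter trusted ids; rejected")
    return "\n".join(f"{i}:{names[i]}:{salary_of[i]}" for i in view_ids)


@dataclass(frozen=True)
class Lens:
    get: Callable[[str], str]        # source -> view
    put: Callable[[str, str], str]   # (edited view, original source) -> source


SECURE_LENS = Lens(get=get, put=put)


# Classic round-trip laws for lenses.
def get_put_holds(lens: Lens, src: str) -> bool:
    return lens.put(lens.get(src), src) == src


def put_get_holds(lens: Lens, view: str, src: str) -> bool:
    return lens.get(lens.put(view, src)) == view


# Projections defining the two equivalence relations on sources.
def public_part(src: str) -> list[tuple[str, str]]:
    return [(i, n) for i, n, _ in parse_source(src)]


def trusted_part(src: str) -> list[str]:
    return [i for i, _, _ in parse_source(src)]


def confidentiality_holds(lens: Lens, s1: str, s2: str) -> bool:
    """Non-interference for get: sources that agree on public data must
    yield identical views, whatever their confidential fields contain."""
    if public_part(s1) != public_part(s2):
        return True  # hypothesis not met; nothing to check
    return lens.get(s1) == lens.get(s2)


def integrity_holds(lens: Lens, view: str, src: str) -> bool:
    """Non-interference for put: an untrusted edit to the view must not
    change the trusted part of the source (a rejected edit changes nothing)."""
    try:
        updated = lens.put(view, src)
    except PermissionError:
        return True
    return trusted_part(updated) == trusted_part(src)


if __name__ == "__main__":
    view = get(SOURCE)
    edited = view.replace("bob", "robert")        # a legitimate view edit
    hostile = "101:alice\n999:mallory"            # tries to swap a trusted id
    print("view   :", view.replace("\n", " | "))
    print("put    :", put(edited, SOURCE).replace("\n", " | "))
    print("GetPut :", get_put_holds(SECURE_LENS, SOURCE))
    print("PutGet :", put_get_holds(SECURE_LENS, edited, SOURCE))
    print("confid.:", confidentiality_holds(SECURE_LENS, SOURCE, "101:alice:1\n102:bob:2"))
    print("integr.:", integrity_holds(SECURE_LENS, hostile, SOURCE))
```

The rejection in put is a dynamic stand-in for what the paper obtains statically: with security-annotated regular-expression types, a lens whose put could let view edits flow into trusted source data would simply fail to type-check, so no runtime check is needed.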

Date of presentation
2009-07-08
Conference name
22nd IEEE Computer Security Foundations Symposium (CSF '09)
Conference dates
8-10 July 2009
Comments
Copyright 2009 IEEE. Reprinted from: Foster, J.N.; Pierce, B.C.; Zdancewic, S., "Updatable Security Views," Computer Security Foundations Symposium, 2009. CSF '09. 22nd IEEE , vol., no., pp.60-74, 8-10 July 2009 Publisher URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=5230487&isnumber=5230483 This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of the University of Pennsylvania's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.