Date of this Version
Stephen Tse and Stephan A. Zdancewic, "A Design for a Security-typed Language with Certificate-based Declassification", April 2005.
This paper presents a calculus that supports information-flow security policies and certificate-based declassification. The decentralized label model and its downgrading mechanisms are concisely expressed in the polymorphic lambda calculus with subtyping (System F≾). We prove a conditioned version of the noninterference theorem such that authorization for declassification is justified by digital certificates from public-key infrastructures.
Date Posted: 14 April 2006