Team for Research in
Ubiquitous Secure Technology

Decentralized Robustness
Stephen Chong, Andrew C. Myers

Citation
Stephen Chong, Andrew C. Myers. "Decentralized Robustness". Proceedings of the 19th IEEE Computer Security Foundations Workshop, 242-253, July, 2006.

Abstract
Robustness links confidentiality and integrity properties of a computing system and has been identified as a useful property for characterizing and enforcing security. Previous characterizations of robustness have been with respect to a single idealized attacker; this paper shows how to define robustness for systems with mutual distrust. Further, we demonstrate that the decentralized label model (DLM) can be extended to support fine-grained reasoning about robustness in such systems. The DLM is a natural choice for capturing robustness requirements because decentralized labels are explicitly expressed in terms of principals that can be used to characterize the power of attackers across both the confidentiality and integrity axes. New rules are proposed for statically checking robustness and qualified robustness using an extended DLM; the resulting type system is shown to soundly enforce robustness. Finally, sound approximations are developed for checking programs with bounded but unknown label parameters, which is useful for security-typed languages. In sum, the paper shows how to use robustness to gain assurance about secure information flow and information release in systems with complex security requirements.

Electronic downloads

Citation formats  
  • HTML
    Stephen Chong, Andrew C. Myers. <a
    href="http://www.truststc.org/pubs/455.html"
    >Decentralized Robustness</a>, Proceedings of the
    19th IEEE Computer Security Foundations Workshop, 242-253,
    July, 2006.
  • Plain text
    Stephen Chong, Andrew C. Myers. "Decentralized
    Robustness". Proceedings of the 19th IEEE Computer
    Security Foundations Workshop, 242-253, July, 2006.
  • BibTeX
    @inproceedings{ChongMyers06_DecentralizedRobustness,
        author = {Stephen Chong and Andrew C. Myers},
        title = {Decentralized Robustness},
        booktitle = {Proceedings of the 19th IEEE Computer Security
                  Foundations Workshop},
        pages = {242-253},
        month = {July},
        year = {2006},
        abstract = {Robustness links confidentiality and integrity
                  properties of a computing system and has been
                  identified as a useful property for characterizing
                  and enforcing security. Previous characterizations
                  of robustness have been with respect to a single
                  idealized attacker; this paper shows how to define
                  robustness for systems with mutual distrust.
                  Further, we demonstrate that the decentralized
                  label model (DLM) can be extended to support
                  fine-grained reasoning about robustness in such
                  systems. The DLM is a natural choice for capturing
                  robustness requirements because decentralized
                  labels are explicitly expressed in terms of
                  principals that can be used to characterize the
                  power of attackers across both the confidentiality
                  and integrity axes. New rules are proposed for
                  statically checking robustness and qualified
                  robustness using an extended DLM; the resulting
                  type system is shown to soundly enforce
                  robustness. Finally, sound approximations are
                  developed for checking programs with bounded but
                  unknown label parameters, which is useful for
                  security-typed languages. In sum, the paper shows
                  how to use robustness to gain assurance about
                  secure information flow and information release in
                  systems with complex security requirements.},
        URL = {http://www.truststc.org/pubs/455.html}
    }
    

Posted by Andrew C. Myers, Ph.D. on 22 Aug 2008.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.