Team for Research in
Ubiquitous Secure Technology

Flexible dynamic information flow control in Haskell
Delan Stefan, Alejandro Russo, John C. Mitchell, David Mazières

Citation
Delan Stefan, Alejandro Russo, John C. Mitchell, David Mazières. "Flexible dynamic information flow control in Haskell". Proceedings of the 4th ACM symposium on Haskell, 2011.

Abstract
We describe a new, dynamic, floating-label approach to language-based information flow control, and present an implementation in Haskell. A labeled IO monad, LIO, keeps track of a current label and permits restricted access to IO functionality, while ensuring that the current label exceeds the labels of all data observed and restricts what can be modified. Unlike other language-based work, LIO also bounds the current label with a current clearance that provides a form of discretionary access control. In addition, programs may encapsulate and pass around the results of computations with different labels. We give precise semantics and prove confidentiality and integrity properties of the system.

Electronic downloads

Citation formats  
  • HTML
    Delan Stefan, Alejandro Russo, John C. Mitchell, David
    Mazières. <a
    href="http://www.truststc.org/pubs/889.html"
    >Flexible dynamic information flow control in
    Haskell</a>, Proceedings of the 4th ACM symposium on
    Haskell, 2011.
  • Plain text
    Delan Stefan, Alejandro Russo, John C. Mitchell, David
    Mazières. "Flexible dynamic information
    flow control in Haskell". Proceedings of the 4th ACM
    symposium on Haskell, 2011.
  • BibTeX
    @inproceedings{StefanRussoMitchellMazires11_FlexibleDynamicInformationFlowControlInHaskell,
        author = {Delan Stefan and Alejandro Russo and John C.
                  Mitchell and David Mazières},
        title = {Flexible dynamic information flow control in
                  Haskell},
        booktitle = {Proceedings of the 4th ACM symposium on Haskell},
        year = {2011},
        abstract = {We describe a new, dynamic, floating-label
                  approach to language-based information flow
                  control, and present an implementation in Haskell.
                  A labeled IO monad, LIO, keeps track of a current
                  label and permits restricted access to IO
                  functionality, while ensuring that the current
                  label exceeds the labels of all data observed and
                  restricts what can be modified. Unlike other
                  language-based work, LIO also bounds the current
                  label with a current clearance that provides a
                  form of discretionary access control. In addition,
                  programs may encapsulate and pass around the
                  results of computations with different labels. We
                  give precise semantics and prove confidentiality
                  and integrity properties of the system.},
        URL = {http://www.truststc.org/pubs/889.html}
    }
    

Posted by Mary Stewart on 4 Apr 2012.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.