Building Secure Information Systems Using Decentralised Information Flow Control
Speaker: RK Shyamasundar – Mumbai, IndiaTopic(s): Security and Privacy
Abstract
The ability to control the release and propagation of information lies at the heart of systems security. Lattice model of secure information flow proposed by Dorothy Denning provides support for controlling information propagation by assigning security levels to data sets and subjects. Information flow control is achieved by allowing information flow from a level to a higher or equal level. The lattice model is a simple policy that is compositional, which makes it possible to specify and verify end-to-end security guarantees. The lattice model of secure information flow succinctly captures well known security models like the Bell-LaPadula model for secrecy/confidentiality BibaÕs model for integrity, the Chinese-Wall security policy etc. With emergence of decentralised systems, new models for realising confidentiality and integrity referred to as decentralised information flow models have emerged and are playing a leading role in building end-to-end secure systems.
In this talk, after providing an overview of the classic security models and decentralised information flow control models, we discuss their application for building provably secure operating systems, secure language platforms and cloud computing platforms.
About this Lecture
Number of Slides: 70Duration: 60 minutes
Languages Available: English
Last Updated:
Request this Lecture
To request this particular lecture, please complete this online form.
Request a Tour
To request a tour with this speaker, please complete this online form.
All requests will be sent to ACM headquarters for review.