%0 Conference Proceedings
%T Many-to-Many Information Flow Policies
%+ Università degli Studi di Padova = University of Padua (Unipd)
%+ School for Advanced Studies Lucca (IMT)
%+ Danmarks Tekniske Universitet = Technical University of Denmark (DTU)
%A Baldan, Paolo
%A Beggiato, Alessandro
%A Lluch Lafuente, Alberto
%Z Part 4: Resource, Components and Information Flow
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 19th International Conference on Coordination Languages and Models (COORDINATION)
%C Neuchâtel, Switzerland
%Y Jean-Marie Jacquet
%Y Mieke Massink
%I Springer International Publishing
%3 Coordination Models and Languages
%V LNCS-10319
%P 159-177
%8 2017-06-19
%D 2017
%R 10.1007/978-3-319-59746-1_9
%K Information flow
%K Coordination
%K Concurrency
%K Declassification
%K Non-interference
%K Causality
%K Event structures
%Z Computer Science [cs]
%Z Computer Science [cs]/Networking and Internet Architecture [cs.NI]Conference papers
%X Information flow techniques typically classify information according to suitable security levels and enforce policies that are based on binary relations between individual levels, e.g., stating that information is allowed to flow from one level to another. We argue that some information flow properties of interest naturally require coordination patterns that involve sets of security levels rather than individual levels: some secret information could be safely disclosed to a set of confidential channels of incomparable security levels, with individual leaks considered instead illegal; a group of competing agencies might agree to disclose their secrets, with individual disclosures being undesired, etc. Motivated by this we propose a simple language for expressing information flow policies where the usual admitted flow relation between individual security levels is replaced by a relation between sets of security levels, thus allowing to capture coordinated flows of information. The flow of information is expressed in terms of causal dependencies and the satisfaction of a policy is defined with respect to an event structure that is assumed to capture the causal structure of system computations. We suggest applications to secret exchange protocols, program security and security architectures, and discuss the relation to classic notions of information flow control.
%G English
%Z TC 6
%Z WG 6.1
%2 https://inria.hal.science/hal-01657347/document
%2 https://inria.hal.science/hal-01657347/file/450044_1_En_9_Chapter.pdf
%L hal-01657347
%U https://inria.hal.science/hal-01657347
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC6
%~ IFIP-WG6-1
%~ IFIP-COORDINATION
%~ IFIP-LNCS-10319