Search papers, labs, and topics across Lattice.
This paper introduces a novel type system for secure information flow that allows for the dynamic creation and insertion of new security levels into a security lattice during system execution. By extending Kobayashi's framework for Milner's pi-calculus, the authors provide a robust formalization of secrecy through non-interference, accommodating both sequential and concurrent computations. The key result demonstrates that this dynamic approach enhances the expressiveness and flexibility of security policies in complex systems, addressing limitations of traditional static security models.
Dynamic security levels can be added on-the-fly, transforming how we manage information flow in concurrent systems.
We develop a type system for secure information flow where new security levels can be created and inserted into the security lattice dynamically, i.e., even in the middle of an execution of a system. Our system is formalized by extending Kobayashi's type-based secure information flow analysis for Milner's pi-calculus, which is one of the most expressive models (or "languages") supporting both sequential and concurrent computations, with concise syntax, reduction-based semantics, and bisimulation equivalence as a robust formalization of secrecy as non-interference. The development required careful treatment of extensions of lattices themselves as well as deliberate generalization from the simple 2-element lattice (consisting of only High and Low) in the original system.