Secure Language Design


As part of the LaBaSec project, we have investigated the design of new languages that enable easy definition and automatic enforcement of access-control and information-flow policies:

  1. Information-Based Access Control (IBAC). Given a program whose components have been granted different authorization levels, IBAC automatically extracts an information-flow integrity policy out of the access-control policy, and simultaneously enforces both the access-control and information-flow policy. A paper on IBAC appeared in the proceedings of the IEEE Symposium on Security and Privacy 2007, Oakland, CA, May 2007.
  2. λI: Simultaneous Tracking of Multiple, Interdependent Dimensions of Information. λI is a new language that allows simultaneous tracking of multiple dimensions of information, such as integrity or confidentiality. More importantly, λI allows for tracking the flow of information that is generated by the information-flow metadata itself. For example, integrity labels on the values used by a program can themselves cause integrity violations, making it necessary for the underlying language to track integrity on integrity. Similarly, a confidentiality label can itself be confidential, thereby making it necessary to express and enforce the confidentiality of a confidentiality policy. In the same way, integrity labels can be confidential, and confidentiality labels may have an integrity meaning. Rather than collapsing all the integrity and confidentiality labels into one label using a lattice operation (meet or join) like other languages do, λI maintains, for each value, the history of the influences on that value. That history can then be used at enforcement time. A paper on λI is under submission. A research report is available.
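The two ideas above, deriving an integrity policy from component authorization levels (IBAC) and keeping a per-value history of influences instead of joining labels (λI), can be illustrated with a small Python model. This is an added example written for this page, not the LaBaSec project's own IBAC or λI implementation; the component names, the AUTH and READERS policies, and every function and class name below are assumptions. Because the history is never collapsed, an endorsement performed by a lower-authorized component remains visible to a later privileged operation, which is the "integrity on integrity" case the text describes.

```python
"""Toy, history-based, multi-dimensional information-flow tracking.

Illustrative model only (not LaBaSec's IBAC or λI). All names and
policies here are constructed for the example.
"""
from dataclasses import dataclass
from typing import Callable, Tuple

# Constructed access-control policy: authorization level per component.
AUTH = {"core": 2, "plugin": 1, "network": 0}

# Constructed confidentiality policy: who may observe data owned by each component.
READERS = {
    "core": {"core"},
    "plugin": {"core", "plugin"},
    "network": {"core", "plugin", "network"},
}


@dataclass(frozen=True)
class Influence:
    principal: str  # component that contributed the influence
    dimension: str  # "integrity", "confidentiality", or "label" (influence on the label itself)


@dataclass(frozen=True)
class Labeled:
    value: object
    history: Tuple[Influence, ...]  # full record of influences, never joined into one label


class PolicyViolation(Exception):
    pass


def source(principal: str, value: object) -> Labeled:
    """A component producing a value influences both its integrity and its confidentiality."""
    return Labeled(value, (Influence(principal, "integrity"),
                           Influence(principal, "confidentiality")))


def combine(f: Callable, *args: Labeled) -> Labeled:
    """The result of a computation inherits every influence of every input."""
    hist = tuple(i for a in args for i in a.history)
    return Labeled(f(*(a.value for a in args)), hist)


def endorse(x: Labeled, by: str) -> Labeled:
    """`by` vouches for x's integrity. The endorsement is itself recorded as an
    influence on the label, so an untrustworthy endorser is still detectable."""
    kept = tuple(i for i in x.history if i.dimension != "integrity")
    return Labeled(x.value, kept + (Influence(by, "label"),))


def privileged_call(required: int, x: Labeled):
    """Integrity rule derived from the access-control policy (IBAC-style):
    an operation requiring level `required` may only be influenced, in data
    or in label, by components holding at least that level."""
    bad = sorted({i.principal for i in x.history
                  if i.dimension in ("integrity", "label") and AUTH[i.principal] < required})
    if bad:
        raise PolicyViolation(f"operation needs level {required}; influenced by {bad}")
    return x.value


def release(x: Labeled, to: str):
    """Confidentiality rule: every owner whose data influenced x must allow `to` to read it."""
    owners = {i.principal for i in x.history if i.dimension == "confidentiality"}
    denied = sorted(o for o in owners if to not in READERS.get(o, set()))
    if denied:
        raise PolicyViolation(f"{to} may not read data owned by {denied}")
    return x.value


def outcome(fn: Callable, *args) -> str:
    """Run a check and report either 'allowed' or the violation message."""
    try:
        fn(*args)
        return "allowed"
    except PolicyViolation as e:
        return str(e)


# Constructed scenario: a file path assembled from core data and network-supplied data.
PATH = combine(lambda a, b: a + b, source("core", "/etc/"), source("network", "passwd"))
PATH_ENDORSED_BY_PLUGIN = endorse(PATH, by="plugin")  # level-1 component vouches for it
PATH_ENDORSED_BY_CORE = endorse(PATH, by="core")      # level-2 component vouches for it

if __name__ == "__main__":
    print(outcome(privileged_call, 2, PATH))                     # network influence rejected
    print(outcome(privileged_call, 2, PATH_ENDORSED_BY_PLUGIN))  # endorsement by level 1 rejected
    print(outcome(privileged_call, 2, PATH_ENDORSED_BY_CORE))    # allowed
    print(outcome(release, PATH, "network"))                     # core-owned data must not leak
```

With a single joined label, the plugin's endorsement in the second scenario would erase the network influence and nothing would record who performed the endorsement; keeping the history lets the level-2 check reject it for the right reason.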

We are currently in the process of designing and implementing Lupo, a language that allows for sound tracking and enforcement of information-flow policies with different levels of precision, depending on the security and performance requirements of a system. Exploring the sublinks in the menu on the left will provide more details on these projects.