Conference paper

A language for information flow: Dynamic tracking in multiple interdependent dimensions


This paper presents λI, a language for dynamic tracking of information flow across multiple, interdependent dimensions of information. Typical dimensions of interest are integrity and confidentiality. λI supports arbitrary domainspecific policies that can be developed independently. λI treats information-flow metadata as a first-class entity and tracks information flow on the metadata itself (integrity on integrity, integrity on confidentiality, etc.). This paper also introduces IMPOLITE, a novel class of information-flow policies for λI . Unlike many systems, which only allow for absolute-security relations, IMPOLITE can model more realistic security policies based on relativesecurity relations. IMPOLITE demonstrates how policies on interdependent dimensions of information can be simultaneously enforced within λI 's unified framework. Copyrightc 2009.
