Accountability for Information Flow via Explicit Formal Proof

Abstract

Logical techniques have been developed that capture both authorization and information flow requirements in security applications. These logical techniques achieve a significantly higher degree of end-to-end accountability in distributed systems than is currently possible. Furthermore, a case study has shown that these techniques are applicable to security policies that are relevant to the needs of the intelligence community while providing much greater flexibility in security policy specification. A prototype implementation has demonstrated the practicality of the proposed file system architecture. Symantec, the industrial partner in the project, is presently pursuing a significant related business opportunity.

Document Details

Document Type: Technical Report
Publication Date: Oct 01, 2009
Accession Number: ADA508600

Entities

People

  • Brian Witten
  • Frank Pfenning
  • Lujo Bauer
  • Michael Reiter
  • Peter P Lee

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Accountability
  • Air Force Research Laboratories
  • Case Studies
  • Communities
  • Computer Access Control
  • Computer Programs
  • Computer Science
  • Contracts
  • Formal Languages
  • Government Procurement
  • Governments
  • Intelligence Community
  • Intelligence Community (United States)
  • Security
  • Specifications
  • Standards
  • Word Processors

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Fluid Dynamics
  • Strategic Security Studies