MAP-REDUCE Enforcement Framework of Information Flow Policies
Research Area: | Uncategorized | Year: | 2013 |
---|---|---|---|
Type of Publication: | In Proceedings | ||
Authors: |
|
||
Book title: | Workshop on Foundations of Computer Security (FCS 2013) | ||
BibTex: |
|||
Note: | Partner: UNITN; project: NESSOS; NO TIER; citation: 0 |
||
Abstract: | We propose a fexible framework that can be easily customized to enforce a large variety of information ow properties. Our framework
combines the ideas of secure multi-execution and map-reduce computations. The information
flow property of choice can be obtained by simply
changes to a map (or reduce) program that control parallel executions.
We present the architecture of the enforcement mechanism and its
customizations for non-interference (NI) (from Devriese and Piessens) and
some properties proposed by Mantel, such as removal of inputs (RI) and
deletion of inputs (DI), and demonstrate formally soundness and precision
of enforcement for these properties. |
||
[Bibtex] |