Home Publications

MAP-REDUCE Enforcement Framework of Information Flow Policies

Research Area: Uncategorized Year: 2013
Type of Publication: In Proceedings
  • Ngo, Minh
  • Massacci, Fabio
  • Gadyatskaya, Olga
Book title: Workshop on Foundations of Computer Security (FCS 2013)
Partner: UNITN; project: NESSOS; NO TIER; citation: 0
We propose a fexible framework that can be easily customized to enforce a large variety of information ow properties. Our framework combines the ideas of secure multi-execution and map-reduce computations. The information flow property of choice can be obtained by simply changes to a map (or reduce) program that control parallel executions. We present the architecture of the enforcement mechanism and its customizations for non-interference (NI) (from Devriese and Piessens) and some properties proposed by Mantel, such as removal of inputs (RI) and deletion of inputs (DI), and demonstrate formally soundness and precision of enforcement for these properties.