Download now Free registration required
Many organizations specify information release policies to describe the terms under which sensitive information may be released to other organizations. This paper presents a new approach for ensuring that security-critical software correctly enforces its information release policy. The approach has two parts. First, an information release policy is specified as a security automaton written in a new language called AIR. Second, the authors enforce an AIR policy by translating it into an API for programs written in AIR, a core formalism for a functional programming language.
- Format: PDF
- Size: 200.5 KB