Title :
A Cut Principle for Information Flow
Author :
Guttman, Joshua D. ; Rowe, Paul D.
Abstract :
We view a distributed system as a graph of active locations with unidirectional channels between them, through which they pass messages. In this context, the graph structure of a system constrains the propagation of information through it. Suppose a set of channels is a cut set between an information source and a potential sink. We prove that, if there is no disclosure from the source to the cut set, then there can be no disclosure to the sink. We introduce a new formalization of partial disclosure, called blur operators, and show that the same cut property is preserved for disclosure to within a blur operator. A related compositional principle ensures limited disclosure for a class of systems that differ only beyond the cut.
Keywords :
Bismuth; Context; Indexes; Nominations and elections; Protocols; Security; Semantics; Information flow security; graph models; partial order execution models;
Conference_Titel :
Computer Security Foundations Symposium (CSF), 2015 IEEE 28th
Conference_Location :
Verona, Italy
DOI :
10.1109/CSF.2015.15
