학술논문
Dimensions and principles of declassification
Document Type
Conference
Author
Source
18th IEEE Computer Security Foundations Workshop (CSFW'05) Computer Security Foundations Workshop Computer Security Foundations, 2005. CSFW-18 2005. 18th IEEE Workshop. :255-269 2005
Subject
Language
ISSN
1063-6900
2377-5459
2377-5459
Abstract
Computing systems often deliberately release (or declassify) sensitive information. A principal security concern for systems permitting information release is whether this release is safe: is it possible that the attacker compromises the information release mechanism and extracts more secret information than intended? While the security community has recognised the importance of the problem, the state-of-the-art in information release is, unfortunately, a number of approaches with somewhat unconnected semantic goals. We provide a road map of the main directions of current research, by classifying the basic goals according to what information is released, who releases information, where in the system information is released, and when information can be released. With a general declassification framework as a long-term goal, we identify some prudent principles of declassification. These principles shed light on existing definitions and may also serve as useful "sanity checks" for emerging models.