You are here

Compiler Design of a Policy Specification Language for Conditional Gradual Release

Download pdf | Full Screen View

Date Issued:
2018
Abstract/Description:
Securing the confidentiality and integrity of information manipulated by computer software is an old yet increasingly important problem. Current software permission systems present on Android or iOS provide inadequate support for developing applications with secure information flow policies. To be useful, information flow control policies need to specify declassifications and the conditions under which declassification must occur. Having these declassifications scattered all over the program makes policies hard to find, which makes auditing difficult. To overcome these challenges, a policy specification language, 'Evidently' is discussed that allows one to specify information flow control policies separately from the program and which supports conditional gradual releases that can be automatically enforced. I discuss the Evidently grammar and modular semantics in detail. Finally, I discuss the implementational details of Evidently compiler within the Xtext language development environment and the implementation's enforcement of policies.
Title: Compiler Design of a Policy Specification Language for Conditional Gradual Release.
43 views
14 downloads
Name(s): Kashyap Harinath, Manasa, Author
Leavens, Gary, Committee Chair
Turgut, Damla, Committee Member
Wang, Liqiang, Committee Member
University of Central Florida, Degree Grantor
Type of Resource: text
Date Issued: 2018
Publisher: University of Central Florida
Language(s): English
Abstract/Description: Securing the confidentiality and integrity of information manipulated by computer software is an old yet increasingly important problem. Current software permission systems present on Android or iOS provide inadequate support for developing applications with secure information flow policies. To be useful, information flow control policies need to specify declassifications and the conditions under which declassification must occur. Having these declassifications scattered all over the program makes policies hard to find, which makes auditing difficult. To overcome these challenges, a policy specification language, 'Evidently' is discussed that allows one to specify information flow control policies separately from the program and which supports conditional gradual releases that can be automatically enforced. I discuss the Evidently grammar and modular semantics in detail. Finally, I discuss the implementational details of Evidently compiler within the Xtext language development environment and the implementation's enforcement of policies.
Identifier: CFE0007205 (IID), ucf:52274 (fedora)
Note(s): 2018-08-01
M.S.
Engineering and Computer Science, Computer Science
Masters
This record was generated from author submitted information.
Subject(s): Declassification -- Conditional Gradual Release -- Evidently -- Xtext -- Information Flow Control policies
Persistent Link to This Record: http://purl.flvc.org/ucf/fd/CFE0007205
Restrictions on Access: public 2018-08-15
Host Institution: UCF

In Collections