Collaborative Research: CT-T: Flexible, Decentralized Information-flow Control for Dynamic Environments

Project: Research project

Project Details




McDaniel, Patrick

PA St U University Park

Non-Lead Collaborative with 0524010, 0524035, 0524036

Protecting confidential information in dynamic, distributed environments whose participants have heterogeneous trust relationships is an important and difficult challenge. An important problem is how to consistently enforce security constraints in a practical manner as policies and the systems themselves evolve over time. Without care, inconsistently-viewed updates to policy could allow a principal to perform actions granted by an old policy, or worse, could allow a principal to release information or perform actions authorized by neither an old nor a new policy, but rather an illegal combination of the two.

The objective of the proposed research is to develop, implement, and evaluate security infrastructure for providing strong end-to-end security guarantees in dynamic environments where policy can change. The researchers will explore a novel synthesis of the state-of-the-art in security-typed programming languages for governing information flow; analysis for uncovering dependencies between principals, programs, and policies; and distributed protocols for coordinating policy updates. To motivate and validate the design decisions, this infrastructure will be incorporated into the programming language Cyclone, a type-safe variant of C, and used to build and evaluate a distributed file system.

Effective start/end date: 9/1/05 to 8/31/08


  • National Science Foundation: $234,585.00

