BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Declassification Policy Inference - Jeff Vaughan (Harvard Universi
 ty)
DTSTART:20100416T130000Z
DTEND:20100416T140000Z
UID:TALK24117@talks.cam.ac.uk
CONTACT:Sam Staton
DESCRIPTION:Security-type systems can provide strong information security 
 guarantees \nbut often require enormous programmer effort to be used in pr
 actice. In \nthis talk\, I will describe inference of fine-grained\, human
 -readable \ndeclassification policies as a step towards providing security
  \nguarantees that are proportional to a programmer's effort: the \nprogra
 mmer should receive weak (but sound) security guarantees for \nlittle effo
 rt\, and stronger guarantees for more effort.\n\nI will present an informa
 tion-flow type system with where policies may \nbe inferred from existing 
 program structure.  The inference algorithm \ncan find precise and intuiti
 ve descriptions of potentially dangerous \ninformation flows in a program\
 , and policies specify what information is \nreleased under what condition
 s.  A semantic security condition specifies \nwhat it means for a program 
 to satisfy a policy.\n\nOur work demonstrates the soundness of an analysis
  for programs in a \nsimple imperative language with exceptions.  Furtherm
 ore\, we have \nextended the analysis to an object-sensitive interprocedur
 al analysis \nfor single-threaded Java 1.4 programs and developed a protot
 ype \nimplementation.
LOCATION:Room FW11\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR