An information owner, possessing diverse data sources, might want to offer information services based on these sources to cooperation partners and to this end interact with these partners by receiving and sending messages, which the owner on his part generates by program execution. Independently from data representation or its physical storage, information release to a partner might be restricted by the owner's confidentiality policy on an integrated, unified view of the sources. Such a policy should even be enforced if the partner as an intelligent and only semi-honest attacker attempts to infer hidden information from message data, also employing background knowledge. For this problem of inference control, we present a framework for a unified, holistic control of information flow induced by program-based processing of the data sources to messages sent to a cooperation partner. Our framework expands on and combines established concepts for confidentiality enforcement and its verification and is instantiated in a Java environment. More specifically, as a hybrid control we combine gradual release of information via declassification, enforced by static program analysis using a security type system, with a dynamic monitoring approach. The dynamic monitoring employs flow tracking for generalizing values to be declassified under confidentiality policy compliance.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.