# Type-based Declassification for Free

**Authors:** Minh Ngo, David A. Naumann, Tamara Rezk

arXiv: 1905.00922 · 2020-07-20

## TL;DR

This paper introduces a method to leverage existing programming language type systems to enforce information flow security policies with declassification, ensuring security through typechecking based on data abstraction principles.

## Contribution

It presents a novel approach translating declassification policies into type interfaces compatible with standard typecheckers, ensuring security soundness via Reynolds' abstraction theorem.

## Key findings

- Type-based security enforcement compatible with standard typecheckers
- Formal proof of security soundness using data abstraction
- Practical framework for flexible declassification policies

## Abstract

This work provides a study to demonstrate the potential of using off-the-shelf programming languages and their theories to build sound language-based-security tools. Our study focuses on information flow security encompassing declassification policies that allow us to express flexible security policies needed for practical requirements. We translate security policies, with declassification, into an interface for which an unmodified standard typechecker can be applied to a source program---if the program typechecks, it provably satisfies the policy. Our proof reduces security soundness---with declassification---to the mathematical foundation of data abstraction, Reynolds' abstraction theorem.
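The idea in the abstract, a policy turned into an interface that an ordinary typechecker enforces, can be sketched in safe Rust as an added example; it is not code from the paper and does not reproduce the paper's own encoding. The policy ("the secret may be released only through its parity") and every name below are assumptions made for illustration.

```rust
// Added illustration; all names are hypothetical, not taken from the paper.

/// The policy as an interface: an opaque secret type plus its single declassifier.
pub trait ParityPolicy {
    type Secret;
    fn parity(s: &Self::Secret) -> u8;
}

/// Client code is generic in the policy, so it is typechecked against the
/// interface alone. The only way to obtain a public value from the secret
/// is the declassifier `P::parity`.
pub fn client<P: ParityPolicy>(secret: &P::Secret, public: u32) -> u32 {
    // let leak = *secret + public; // rejected by rustc: `P::Secret` has no `Add`
    public + u32::from(P::parity(secret))
}

/// Concrete representation 1: the secret is a full integer.
pub struct U32Policy;
impl ParityPolicy for U32Policy {
    type Secret = u32;
    fn parity(s: &u32) -> u8 {
        (*s % 2) as u8
    }
}

/// Concrete representation 2: stores only what the policy releases.
pub struct BitPolicy;
impl ParityPolicy for BitPolicy {
    type Secret = bool;
    fn parity(s: &bool) -> u8 {
        u8::from(*s)
    }
}

/// Relational view of the guarantee: run the same client on two secrets
/// and compare the public results.
pub fn outputs_agree(s1: u32, s2: u32, public: u32) -> bool {
    client::<U32Policy>(&s1, public) == client::<U32Policy>(&s2, public)
}

fn main() {
    // Constructed sample values.
    println!("same parity (4, 10): {}", outputs_agree(4, 10, 3));
    println!("different parity (4, 7): {}", outputs_agree(4, 7, 3));
    println!("bit representation: {}", client::<BitPolicy>(&true, 10));
}
```

Because `client` compiles against the abstract `Secret` type, swapping `U32Policy` for `BitPolicy` cannot change its result beyond what `parity` reveals, which is the data-abstraction argument the abstract appeals to.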

---
Source: https://tomesphere.com/paper/1905.00922