Accession Number:

ADA508600

Title:

Accountability for Information Flow via Explicit Formal Proof

Descriptive Note:

Final rept. May 2007-May 2009

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA DEPT OF COMPUTER SCIENCE

Report Date:

2009-10-01

Pagination or Media Count:

24.0

Abstract:

Logical techniques have been developed that capture both authorization and information flow requirements in security applications. These logical techniques achieve a significantly higher degree of end-to-end accountability in distributed systems than is currently possible. Furthermore, a case study has shown that these techniques are applicable to security policies that are relevant to the needs of the intelligence community while providing much greater flexibility in security policy specification. A prototype implementation has demonstrated the practicality of the proposed file system architecture. Symantec, the industrial partner in the project, is presently pursuing a significant related business opportunity.

Subject Categories:

  • Information Science
  • Computer Programming and Software
  • Military Intelligence
  • Command, Control and Communications Systems

Distribution Statement:

APPROVED FOR PUBLIC RELEASE