@InProceedings{	  mantel.ea:controlling:2007,
  abstract	= {While a rigorous information flow analysis is a key step
		  in obtaining meaningful end-to-end confidentiality
		  guarantees, one must also permit possibilities for
		  declassification.Sabelfeld and Sands categorized the
		  existing approaches to controlling declassification in
		  their overview along four dimensions and according to four
		  prudent principles.In this article, we propose three novel
		  security conditions for controlling the dimensions where
		  and what, and we explain why these conditions constitute
		  improvements over prior approaches. Moreover, we present a
		  type-based security analysis and, as another novelty, prove
		  a soundness result that considers more than one dimension
		  of declassification.},
  author	= {Heiko Mantel and Alexander Reinhard},
  booktitle	= {Proceedings of the 16th European Symposium on Programming
		  (ESOP)},
  editor	= {Rocco De Nicola},
  isbn		= {978-3-540-71314-2},
  pages		= {141--156},
  pdf		= {https://www.mais.informatik.tu-darmstadt.de/WebBib/papers/2007/2007ESOPMantelReinhard_forWebsite.pdf},
  publisher	= {Springer},
  series	= {LNCS},
  title		= {Controlling the What and Where of Declassification in
		  Language-Based Security},
  volume	= 4421,
  year		= 2007
}