On Dynamic Security Policies: Specification, Security Conditions
and Enforcement.


This work is a recognition of the fact that security concerns are
dynamic: how we value the confidentiality or integrity of
information varies over time. We present the work necessary to
properly address dynamic concerns on the level of programming
languages, split into three parts.
First, we need a means to specify our dynamic concerns in a manner
that can be understood by a computer. We build on the Flow Locks
Framework as a suitable specification mechanism for such dynamic
policies. Secondly, having specified a dynamic policy we require
an understanding of what it means for a program to comply with that
policy. We identify and address several of the challenges that the
dynamic nature of policies introduces. Finally, given a policy
specification and a definition of policy compliance, we explore how
we can mechanically verify this compliance on programs. We present
two approaches: one static, using a type system, and one dynamic,
using a run-time monitor.