Some of the standard literature on information flow is linked below along with the corresponding review. Reviews should include the author's intent, his/her definition of security (both formal and informal), any particularly interesting examples, and the reviewer's overall opinion of the work.
D. E. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5):236-243, May 1976. Review
J. A. Gorguen and J. Meseguer. Security policies and security models. Proceedings of the 1982 IEEE Computer Society Symposium on Research in Security and Privacy, pgs 11-20, Oakland, CA, 1982.
J. A. Gorguen and J. Meseguer. Unwinding and inference control. Proceedings of the 1984 IEEE Computer Society Symposium on Research in Security and Privacy, pgs 75-86, Oakland, CA, 1984.
D. Sutherland. A model of information. Proceedings of the 9th National Computer Security Conference. pgs 175-183. 1986.
D. McCullough. Specifications for multi-level security and a hook-up property. Proceedings of the 1987 IEEE Computer Society Symposium on Research in Security and Privacy, pgs 161-166, Oakland, CA, 1987. Review
D. McCullough. Noninterference and the composability of security properties. Proceedings of the 1988 IEEE Computer Society Symposium on Research in Security and Privacy, pgs 161-166, Oakland, CA, 1988.
J. McLean. Security models and information flow. Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, 1990. Review
J. McLean. A General Theory of Composition for Trace Sets Closed Under Selective Interleaving Functions. Center for High Assurance Computer Systems, Naval Research Laboratory, 1994.
J. T. Wittbold and D. M. Johnson. Information flow in nondeterministic systems. Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, CA, 1990.
J. C. Wray. An analysis of covert timing channels. Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy, 2-7, Oakland, CA, 1991.
A. Zakinthinos. On the Composition of Security Properties. PhD thesis. University of Toronto. 1996. Review
James W. Gray, III and Paul G. Syverson. A logical approach to multilevel security of probabilistic systems. Distributed Computing, 73-90, 1998. Review
P. Y. A. Ryan and S. A. Schneider. Process Algebra and Non-interference. The IEEE Proceedings of the 12th Computer Security Foundations Workshop. 1999. Review
H. Mantel. Possibilistic Definitions of Security - An Assembly Kit. Proceedings of the IEEE Computer Security Foundations Workshop, pgs. 185-199, 2000.
Website created and maintained by: Vicky Weissman ( vickyw@cs.cornell.edu )