Preserving Secrecy Under Refinement
Authors
Abstract
We propose a general framework of secrecy and preservation of secrecy for labeled transition systems. Our definition of secrecy is parameterized by the distinguishing power of the observer, the properties to be kept secret, and the executions of interest, and captures a multitude of definitions in the literature. We define a notion of secrecy preserving refinement between systems by strengthening the classical trace-based refinement so that the implementation leaks a secret only when the specification also leaks it. We show that secrecy is in general not definable in μ-calculus, and thus not expressible in specification logics supported by standard model-checkers. However, we develop a simulation-based proof technique for establishing secrecy preserving refinement. This result shows how existing refinement checkers can be used to show correctness of an implementation with respect to a specification.
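The abstract's central point is that classical trace refinement does not preserve secrecy: an implementation can have only traces the specification allows and still leak, because it resolves the specification's nondeterminism in a secret-dependent way. The following Python example, added here as an illustration and not taken from the paper, makes that concrete on a finite, acyclic labeled transition system. It assumes a simplified reading of the three parameters named in the abstract: the observer is a set of visible labels (everything else is hidden), the property to keep secret is a predicate on a complete run, the executions of interest are all complete runs, and the observer "learns" the property after an observation when every run producing that observation agrees on it. The state names, labels and the timing-channel scenario are constructed for the example.

```python
from typing import Callable, Dict, FrozenSet, List, Set, Tuple

Trace = Tuple[str, ...]
LTS = Dict[str, List[Tuple[str, str]]]  # state -> list of (label, successor state)


def complete_runs(lts: LTS, init: str) -> Set[Trace]:
    """All label sequences from `init` to a state with no outgoing transition.
    Assumes a finite, acyclic LTS, so every run terminates (simplifying assumption)."""
    runs: Set[Trace] = set()
    stack: List[Tuple[str, Trace]] = [(init, ())]
    while stack:
        state, prefix = stack.pop()
        successors = lts.get(state, [])
        if not successors:
            runs.add(prefix)
        for label, nxt in successors:
            stack.append((nxt, prefix + (label,)))
    return runs


def observation(run: Trace, visible: FrozenSet[str]) -> Trace:
    """The observer's view of a run: hidden labels are erased, order is kept."""
    return tuple(label for label in run if label in visible)


def leaked_observations(runs: Set[Trace], visible: FrozenSet[str],
                        secret: Callable[[Trace], bool]) -> Set[Trace]:
    """Observations after which the observer knows the value of `secret`, i.e.
    every run producing that observation agrees on it. Secrecy holds iff empty."""
    values: Dict[Trace, Set[bool]] = {}
    for run in runs:
        values.setdefault(observation(run, visible), set()).add(secret(run))
    return {obs for obs, vals in values.items() if len(vals) == 1}


def is_secrecy_preserving_refinement(impl: LTS, spec: LTS, init: str,
                                     visible: FrozenSet[str],
                                     secret: Callable[[Trace], bool]) -> Tuple[bool, bool]:
    """Returns (trace refinement holds, refinement also preserves secrecy).
    Trace refinement: every implementation run is a specification run.
    Secrecy preservation: the implementation leaks only where the spec leaks."""
    impl_runs, spec_runs = complete_runs(impl, init), complete_runs(spec, init)
    refines = impl_runs <= spec_runs
    preserves = refines and (
        leaked_observations(impl_runs, visible, secret)
        <= leaked_observations(spec_runs, visible, secret)
    )
    return refines, preserves


# Constructed scenario: the system picks a secret bit (hidden labels s0/s1), then
# answers with an observable timing label. The spec leaves the timing nondeterministic.
VISIBLE = frozenset({"fast", "slow"})


def secret_bit_is_one(run: Trace) -> bool:
    return "s1" in run


SPEC: LTS = {
    "init": [("s0", "chosen0"), ("s1", "chosen1")],
    "chosen0": [("fast", "done"), ("slow", "done")],
    "chosen1": [("fast", "done"), ("slow", "done")],
}

# Resolves the timing nondeterminism according to the secret: a trace refinement
# of SPEC, but the observer now learns the bit from the timing alone.
LEAKY_IMPL: LTS = {
    "init": [("s0", "chosen0"), ("s1", "chosen1")],
    "chosen0": [("fast", "done")],
    "chosen1": [("slow", "done")],
}

# Resolves it independently of the secret: a refinement that preserves secrecy.
SAFE_IMPL: LTS = {
    "init": [("s0", "chosen0"), ("s1", "chosen1")],
    "chosen0": [("fast", "done")],
    "chosen1": [("fast", "done")],
}

if __name__ == "__main__":
    for name, impl in (("leaky", LEAKY_IMPL), ("safe", SAFE_IMPL)):
        refines, preserves = is_secrecy_preserving_refinement(
            impl, SPEC, "init", VISIBLE, secret_bit_is_one)
        print(f"{name}: trace refinement={refines}, secrecy preserving={preserves}")
```

Both implementations pass the classical trace-inclusion check; only the second passes the strengthened one, which is exactly the gap the abstract describes. The brute-force enumeration here is only viable for small acyclic systems; the paper's contribution is a simulation-based proof technique that avoids enumerating runs and can be discharged by existing refinement checkers.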
Similar resources
D4.3 Tool Support for Evolution-Aware Security Checks and Monitor Generation
The composition of processes is in general not secrecy preserving under the Dolev-Yao attacker model. In this paper, we describe an algorithmic decision procedure which determines whether the composition of secrecy preserving processes is still secrecy preserving. As a case study we consider a variant of the TLS protocol where, even though the client and server considered sep...
Confidentiality-Preserving Refinement is Compositional - Sometimes
Confidentiality-preserving refinement describes a relation between a specification and an implementation that ensures that all confidentiality properties required in the specification are preserved by the implementation in a probabilistic setting. The present paper investigates the condition under which that notion of refinement is compositional, i.e. the condition under which refining a subsys...
Secrecy-Preserving Reasoning using Secrecy Envelopes
In many applications of networked information systems, the need to share information often has to be balanced against the need to protect secret information from unintended disclosure, e.g., due to copyright, privacy, security, or commercial considerations. We study the problem of secrecy-preserving reasoning, that is, answering queries using secret information, whenever it is possible to do so,...
Feature enhancing aerial lidar point cloud refinement
Raw aerial LiDAR point clouds often suffer from noise and under-sampling, which can be alleviated by feature preserving refinement. However, existing approaches are limited to only preserving normal discontinuous features (ridges, ravines and crest lines) while position discontinuous features (boundaries) are also universal in urban scenes. We present a new refinement approach to accommodate un...
Preserving (Security) Properties under Action Refinement
In the design process of distributed systems we may have to replace abstract specifications of components by more concrete specifications, thus providing more detailed design information. In the context of process algebra this well-known approach is often referred to as action refinement. In this paper we study the relationships between action refinement, compositionality, and (security) proces...
Journal title:
Volume / Issue:
Pages: -
Publication date: 2006