Process Algebra and Bisimulation Techniques for Information Security
Abstract
Information flow typically refers to the direct as well as implicit information resulting from the interaction of cyber processes constituting a system. Information flow also occurs in cyber-physical systems (CPSs). Information flow is difficult to detect in CPSs, due to their physical nature and complex interactions among various computational and physical components. In this work, formal methods of security specification and verification are extended to describe confidentiality in CPSs. This paper presents a general approach to specify and verify information flow properties, such as non-deducibility, in a CPS using bisimulation techniques.
Similar resources
Comparing Two Information Flow Security Properties
In this paper we compare two information flow security properties: the lazy security (L-Sec) [11] and the Bisimulation Non-deducibility on Compositions (BNDC) [4]. To make this we define the Failure Non-deducibility on Compositions, a failure semantics version of the BNDC. The common specification language used for the comparison is the Security Process Algebra [4], an extension of CCS [8] whic...
Process algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...
Mathematical Models of Computer Security
In this chapter I present a process algebraic approach to the modelling of security properties and policies. I will concentrate on the concept of secrecy, also known as confidentiality, and in particular on the notion of non-interference. Non-interference seeks to characterise the absence of information flows through a system and, as such, is a fundamental concept in information security. A cen...
An Information Flow Method to Detect Denial of Service Vulnerabilities
Meadows recently proposed a formal cost-based framework for the analysis of denial of service, showing how to formalize some existing principles used to make cryptographic protocols more resistant to denial of service by comparing the cost to the defender against the cost to the attacker. The first contribution of this paper is to introduce a new security property called impassivity designed to...
Using Admissible Interference to Detect Denial of Service Vulnerabilities
Meadows recently proposed a formal cost-based framework for analysis of denial of service. It was shown how some principles that have already been used to make cryptographic protocols more resistant to denial of service by trading off the cost to defender against the cost to the attacker can be formalized. The first contribution of this paper is to introduce a new security property called impa...
Publication date: 2011