Unifying Theories of Confidentiality
نویسندگان
چکیده
This paper presents a framework for reasoning about the security of confidential data within software systems. A novelty is that we use Hoare and He’s Unifying Theories of Programming (UTP) to do so and derive advantage from this choice. We identify how information flow between users can be modelled in the UTP and devise conditions for verifying that system designs may not leak secret information to untrusted users. We also investigate how these conditions can be combined with existing notions of refinement to produce refinement relations suitable for deriving secure implementations of systems.
منابع مشابه
On confidentiality and formal methods
The contemporary challenge of engineering verifiably secure software has motivated various techniques for measuring and regulating the flow of confidential data from systems to their users. Unfortunately, these techniques suffer from a lack of integration with modern formal methods for software development, which inhibits their application in practice. This thesis proposes a novel approach for ...
متن کاملرازداری در علوم پزشکی
Confidentiality is an inevitable pillar of the history of the physician-patient relationship. Misunderstanding of this principle not only causes harm to sanctity of the medical profession, but also can damage the quality of the therapeutic relationship, and more broadly public health. The keystone of this negative effect is the potential harm to the patients’ trust and confidence. Generally, th...
متن کاملUnifying Theories of Logic and Specification
We propose a unifying treatment of multi-valued logic in the general context of specification, presented in the style of the Unifying Theories of Programming of Hoare and He. At a low level, UTP theories correspond to different types of three-valued logic. At higher levels they correspond to individual specifications. Designs are considered as their models, but members of other unifying theorie...
متن کاملUnifying Theories of Programming in Isabelle
This is a tutorial introduction to the two most basic theories in Hoare & He’s Unifying Theories of Programming and their mechanisation in the Isabelle interactive theorem prover. We describe the theories of relations and of designs (pre-postcondition pairs), interspersed with their formalisation in Isabelle and example mechanised proofs.
متن کاملRetrospective and Prospective for Unifying Theories of Programming
This paper presents a personal account of developments leading to Unifying Theories of Programming, and some opinions about the direction the work should take in the future. It also speculates on consequences the work will have for all of computer science.
متن کامل