Preserving Information Flow Properties under Refinement

Author

  • Heiko Mantel
Abstract

In a stepwise development process, it is essential that system properties that have already been investigated in one phase need not be re-investigated in later phases. In formal developments, this corresponds to the requirement that properties are preserved under refinement. While safety and liveness properties are indeed preserved under most standard forms of refinement, it is well known that this is, in general, not true for information flow properties, a large and useful class of security properties. In this article, we propose a collection of refinement operators as a solution to this problem. We prove that these operators preserve information flow properties as well as other system properties. Thus, information flow properties become compatible with stepwise development. Moreover, we show that our operators are an optimal solution.


Similar references

Preserving (Security) Properties under Action Refinement

In the design process of distributed systems we may have to replace abstract specifications of components by more concrete specifications, thus providing more detailed design information. In the context of process algebra this well-known approach is often referred to as action refinement. In this paper we study the relationships between action refinement, compositionality, and (security) proces...


Maintaining Information Flow Security Under Refinement and Transformation

We address the problem of maintaining information flow security under refinement and transformation. To this end we define a schema for the specification of secure information flow properties and show that all security properties defined in the schema are preserved by a notion of refinement. Refinement is a process that requires human guidance and is in general not subject for automation. A tra...


Compatibility of Safety Properties and Possibilistic Information Flow Security in MAKS

Motivated by typical security requirements of workflow management systems, we consider the integrated verification of both safety properties (e.g. separation of duty) and information flow security predicates of the MAKS framework (e.g. modeling confidentiality requirements). Due to the refinement paradox, enforcement of safety properties might violate possibilistic information flow properties o...


An Algebraic Approach for Reasoning About Information Flow

This paper concerns the analysis of information leaks in security systems. We address the problem of specifying and analyzing large systems in the (standard) channel model used in quantitative information flow (QIF). We propose several operators which match typical interactions between system components. We explore their algebraic properties with respect to the security-preserving refinement re...


Preface Foundational aspects of security

• Joshua Guttman in “Establishing and preserving protocol security goals” proposes a model-theoretic approach to the verification of security properties, where the models are executions, and the security goals are implications over the geometric fragment of predicate logic. This methodology also leads to a new reading of protocol refinement and transformation, and offers the possibility of reas...



Publication date: 2001