In this paper we present a framework for the specification of information flow properties for distributed systems. We consider partially specified distributed systems in which there are several unspecified components located in different places. As a case study, we consider the notion of Non Deducibility on Composition, NDC for short, originally proposed for nondeterministic systems and based on trace semantics. We study how this information flow property can be extended to deal with distributed partially specified systems as well. In particular, we adapt the NDC property to distributed systems by distinguishing between two different approaches. The first, which we call centralized NDC, assumes just one unspecified global component that has complete control of the n distributed locations where interaction occurs between the system and the unspecified component. The second, called distributed NDC, assumes one unspecified component for each distributed location, where the n unspecified components are completely independent, i.e., they cannot coordinate or cooperate with each other. Surprisingly enough, we prove that centralized NDC is as discriminating as decentralized NDC. However, when we move to Bisimulation-based Non-Deducibility on Composition, BNDC for short, the situation is completely different. Indeed, we prove that centralized BNDC is strictly finer than decentralized BNDC, hence proving the quite expected fact that a system that can resist coordinated attacks is also able to resist simpler attacks performed by independent entities.