An Automata Based Approach for Verifying Information Flow Properties

Authors:
Deepak D'Souza;K. R. Raghavendra;Barbara Sprick
Affiliations:
Department of Computer Science and Automation, Indian Institute of Science, Bangalore, India;Department of Computer Science and Automation, Indian Institute of Science, Bangalore, India;Department of Computer Science and Automation, Indian Institute of Science, Bangalore, India
Venue:
Electronic Notes in Theoretical Computer Science (ENTCS)
Year:
2005

Citing 7
Cited 3

The Compositional Security Checker: A Tool for the Verification of Information Flow Security Properties

IEEE Transactions on Software Engineering
Automatic Compositional Verification of Some Security Properties

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Bisimulation and Unwinding for Verifying Possibilistic Security Properties

VMCAI 2003 Proceedings of the 4th International Conference on Verification, Model Checking, and Abstract Interpretation
Unwinding Possibilistic Security Properties

ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Possibilistic Definitions of Security - An Assembly Kit

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A General Theory of Composition for Trace Sets Closed under Selective Interleaving Functions

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
A general theory of security properties

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy

On the Decidability of Model-Checking Information Flow Properties

ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Synthesis of Non-Interferent Timed Systems

FORMATS '09 Proceedings of the 7th International Conference on Formal Modeling and Analysis of Timed Systems
Model-checking trace-based information flow properties

Journal of Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present an automated verification technique to verify trace based information flow properties for finite state systems. We show that the Basic Security Predicates (BSPs) defined by Mantel in [Mantel, H., Possibilistic Definitions of Security - An Assembly Kit, in: Proceedings of the 13th IEEE Computer Security Foundations Workshop (2000), pp. 185-199], which are shown to be the building blocks of known trace based information flow properties, can be characterised in terms of regularity preserving language theoretic operations. This leads to a decision procedure for checking whether a finite state system satisfies a given BSP. Verification techniques in the literature (e.g. unwinding) are based on the structure of the transition system and are incomplete in some cases. In contrast, our technique is language based and complete for all information flow properties that can be expressed in terms of BSPs.