Maintaining information flow security under refinement and transformation

Authors:
Fredrik Seehusen;Ketil Stølen
Affiliations:
SINTEF Information and Communication Technology, Norway and University of Oslo, Norway;SINTEF Information and Communication Technology, Norway and University of Oslo, Norway
Venue:
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Year:
2006

Citing 13
Cited 2

Communicating sequential processes

Communicating sequential processes
Prespecification in data refinement

Information Processing Letters
Refinement of actions and equivalence notions for concurrent systems

Acta Informatica
Specification and development of interactive systems: focus on streams, interfaces, and refinement

Specification and development of interactive systems: focus on streams, interfaces, and refinement
Classification of Security Properties (Part I: Information Flow)

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Possibilistic Definitions of Security - An Assembly Kit

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Confidentiality-Preserving Refinement

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
CSP and determinism in security modelling

SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
A general theory of security properties

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Preserving Information Flow Properties under Refinement

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Refining UML interactions with underspecification and nondeterminism

Nordic Journal of Computing
Information flow property preserving transformation of UML interaction diagrams

Proceedings of the eleventh ACM symposium on Access control models and technologies
Secure Systems Development with UML

Secure Systems Development with UML

Action Refinement in Process Algebra and Security Issues

Logic-Based Program Synthesis and Transformation
Unifying theories of confidentiality

UTP'10 Proceedings of the Third international conference on Unifying theories of programming

Quantified Score

Hi-index	0.00

Visualization

Abstract

We address the problem of maintaining information flow security under refinement and transformation. To this end we define a schema for the specification of secure information flow properties and show that all security properties defined in the schema are preserved by a notion of refinement. Refinement is a process that requires human guidance and is in general not subject for automation. A transformation on the other hand, is an executable function mapping specifications to specifications. We define an interpretation of transformations and propose a condition under which transformations maintain security.