Programming from specifications (2nd ed.)
Programming from specifications (2nd ed.)
A note on the confinement problem
Communications of the ACM
Mathematical Models of Computer Security
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Confidentiality-Preserving Refinement is Compositional - Sometimes
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Possibilistic Definitions of Security - An Assembly Kit
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
On the Composition of Secure Systems
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A General Theory of Composition for Trace Sets Closed under Selective Interleaving Functions
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
CSP and determinism in security modelling
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Preservation of probabilistic information flow under refinement
Information and Computation
Formal Aspects of Computing
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
The Shadow Knows: Refinement and security in sequential programs
Science of Computer Programming
How to Brew-up a Refinement Ordering
Electronic Notes in Theoretical Computer Science (ENTCS)
Maintaining information flow security under refinement and transformation
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
On modelling user observations in the UTP
UTP'10 Proceedings of the Third international conference on Unifying theories of programming
Preserving secrecy under refinement
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
A formal framework for confidentiality-preserving refinement
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Specifying confidentiality in circus
FM'11 Proceedings of the 17th international conference on Formal methods
Hi-index | 0.00 |
This paper presents a framework for reasoning about the security of confidential data within software systems. A novelty is that we use Hoare and He's Unifying Theories of Programming (UTP) to do so and derive advantage from this choice. We identify how information flow between users can be modelled in the UTP and devise conditions for verifying that system designs may not leak secret information to untrusted users. We also investigate how these conditions can be combined with existing notions of refinement to produce refinement relations suitable for deriving secure implementations of systems.