Systematic software development using VDM (2nd ed.)
Systematic software development using VDM (2nd ed.)
A General Theory of Composition for a Class of "Possibilistic" Properties
IEEE Transactions on Software Engineering
The B-book: assigning programs to meanings
The B-book: assigning programs to meanings
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Refinement in Z and object-Z: foundations and advanced applications
Refinement in Z and object-Z: foundations and advanced applications
Problem frames: analyzing and structuring software development problems
Problem frames: analyzing and structuring software development problems
Computer
Probabilistic Simulations for Probabilistic Processes
CONCUR '94 Proceedings of the Concurrency Theory
Météor: A Successful Application of B in a Large Project
FM '99 Proceedings of the Wold Congress on Formal Methods in the Development of Computing Systems-Volume I - Volume I
FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
Confidentiality-Preserving Refinement
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
CSP and determinism in security modelling
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
A general theory of security properties
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Preserving Information Flow Properties under Refinement
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Secure Systems Development with UML
Secure Systems Development with UML
Possibilistic information flow control in MAKS and action refinement
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
A formal framework for confidentiality-preserving refinement
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
A Foundation for Requirements Analysis of Dependable Software
SAFECOMP '09 Proceedings of the 28th International Conference on Computer Safety, Reliability, and Security
| Hi-index | 0.00 |
System development by stepwise refinement is a well-established method in classical software engineering. We discuss how this method can be adapted to systematically incorporate security issues, in particular, confidentiality into the software construction process. Starting with an abstract system model that precisely captures the relevant confidentiality requirements, subsequent refinements produce models which introduce more detail or relax assumptions on the environment. For each refinement, changing adversary capabilities must be captured and their compatibility with the given confidentiality requirements must be established. In this context, security, and dependability in general, are existential properties: The existence of a secure implementation must be kept invariant during the development process. This considerably adds to the complexity of a development.