Possibilistic information flow control in MAKS and action refinement

Authors:
Dieter Hutter
Affiliations:
German Research Center for Artificial Intelligence (DFKI GmbH), Saarbrücken, Germany
Venue:
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Year:
2006

Citing 11
Cited 2

Event structures

Advances in Petri nets 1986, part II on Petri nets: applications and relationships to other models of concurrency
Refinement of actions and equivalence notions for concurrent systems

Acta Informatica
Process algebra and non-interference

Journal of Computer Security
A Calculus of Communicating Systems

A Calculus of Communicating Systems
Bisimulation and Unwinding for Verifying Possibilistic Security Properties

VMCAI 2003 Proceedings of the 4th International Conference on Verification, Model Checking, and Abstract Interpretation
Configuration Structures

LICS '95 Proceedings of the 10th Annual IEEE Symposium on Logic in Computer Science
Possibilistic Definitions of Security - An Assembly Kit

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A General Theory of Composition for Trace Sets Closed under Selective Interleaving Functions

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
A general theory of security properties

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Preserving Information Flow Properties under Refinement

SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Action Refinement

Action Refinement

Preserving security properties under refinement

Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Stepwise development of secure systems

SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Formal methods emphasizes the need for a top-down approach when developing large reliable software systems. Refinements are used to map step by step abstract algebraic specifications to executable specifications. Action refinements are used to add detailed design information to abstract actions. Information flow control is used to specify and verify the admissible flow of confidential information in a complex system. However, it is well-known that in general action refinement will not preserve information flow properties which have been proved on an abstract level. In this paper we develop criteria ensuring that these properties are inherited during action refinement. We adopt Mantel's MAKS framework on possibilistic information flow control to formulate security predicates but advance to configuration structures instead of trace event systems to cope with necessary modeling of concurrency.