Advances in Petri nets 1986, part II on Petri nets: applications and relationships to other models of concurrency
Refinement of actions and equivalence notions for concurrent systems
Acta Informatica
Process algebra and non-interference
Journal of Computer Security
A Calculus of Communicating Systems
A Calculus of Communicating Systems
Bisimulation and Unwinding for Verifying Possibilistic Security Properties
VMCAI 2003 Proceedings of the 4th International Conference on Verification, Model Checking, and Abstract Interpretation
LICS '95 Proceedings of the 10th Annual IEEE Symposium on Logic in Computer Science
Possibilistic Definitions of Security - An Assembly Kit
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
A General Theory of Composition for Trace Sets Closed under Selective Interleaving Functions
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
A general theory of security properties
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Preserving Information Flow Properties under Refinement
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Action Refinement
Preserving security properties under refinement
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Stepwise development of secure systems
SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security
Hi-index | 0.00 |
Formal methods emphasizes the need for a top-down approach when developing large reliable software systems. Refinements are used to map step by step abstract algebraic specifications to executable specifications. Action refinements are used to add detailed design information to abstract actions. Information flow control is used to specify and verify the admissible flow of confidential information in a complex system. However, it is well-known that in general action refinement will not preserve information flow properties which have been proved on an abstract level. In this paper we develop criteria ensuring that these properties are inherited during action refinement. We adopt Mantel's MAKS framework on possibilistic information flow control to formulate security predicates but advance to configuration structures instead of trace event systems to cope with necessary modeling of concurrency.