An iterative approach for the satisfaction of security using the intransitive non-interference property

  • Authors: Achraf Ben Said; Nejib Ben Hadj-Alouane; Moez Yeddes; Feng Lin

  • Affiliations: National School of Computer Sciences, University of Manouba, Tunisia (Ben Said, Ben Hadj-Alouane, Yeddes); Department of Electrical and Computer Engineering, Wayne State University, Detroit, MI and School of Electronics and Information Engineering, Tongji University, Shanghai, China (Lin)

  • Venue: VECoS'11 Proceedings of the Fifth international conference on Verification and Evaluation of Computer and Communication Systems

  • Year: 2011

Abstract

In this paper, we derive an iterative approach for the design of systems and protocols that are secure with respect to intransitive non-interference (INI), a basic security property that assures the non-divulgation of information through covert channels. Obviously, a system that does not satisfy INI is, in some ways, not secure. Our iterative approach is composed of three steps: (1) system design and modeling, (2) INI verification, and (3) INI satisfaction. The basic idea is that during the first step the system's designer focuses on developing the core and necessary functionality, perhaps while paying little attention to INI. Then the security of the system is verified, and if INI is not satisfied, the system must be modified in order to make it secure. These modifications must be carried out in a minimal way, so as to preserve, as much as possible, its core behavior. Our approach uses formulas for computing the minimal superlanguage satisfying the INI property. We also investigate the implementation of these formulas based on automata models. Our approach can be applied to all systems and protocols with a three-level security lattice, which is typically sufficient for systems using cryptographic protocols. We also give a case study that illustrates the applicability of our approach to cryptographic protocols and systems.