A sound type system for secure flow analysis
Journal of Computer Security
A Calculus of Communicating Systems
A Calculus of Communicating Systems
On the Composition of Secure Systems
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Formal Aspects of Computing
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Embedding verifiable information flow analysis
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
A certified lightweight non-interference java bytecode verifier
ESOP'07 Proceedings of the 16th European conference on Programming
Secure Systems Development with UML
Secure Systems Development with UML
A Logical Basis for Component-Oriented Software and Systems Engineering
The Computer Journal
Specifying model changes with UMLchange to support security verification of potential evolution
Computer Standards & Interfaces
Hi-index | 0.00 |
Non-interference is a semantically well-defined property that allows one to reason about the security of systems with respect to information flow policies for groups of users. Many of the security problems of implementations could be already spotted at design time if information flow would be a concern in early phases of software development. In this paper we propose a methodology for automatically verifying the interaction of objects whose behaviour is described by deterministic UML State-charts with respect to information flow policies, based on the so-called unwinding theorem. We have extended this theorem to cope with the particularities of state-charts: the use of variables, guards, actions and hierarchical states and derived results about its compositionality. In order to validate our approach, we report on an implementation of our enhanced unwinding techniques and applications to scenarios from the Smart Metering domain.