Intransitive noninterference in nondeterministic systems

Authors:
Kai Engelhardt;Ron van der Meyden;Chenyi Zhang
Affiliations:
The University of New South Wales, Sydney, NSW 2052, Australia;The University of New South Wales, Sydney, NSW 2052, Australia;The University of Queensland, Brisbane, QLD 4072, Australia
Venue:
Proceedings of the 2012 ACM conference on Computer and communications security
Year:
2012

Citing 13
Cited 0

Extending the Noninterference Version of MLS for SAT

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Information Flow Control and Applications - Bridging a Gap

FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
What is Intransitive Noninterference?

CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Secrecy in Multiagent Systems

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Information Flow Security in Dynamic Contexts

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Design and verification of secure systems

SOSP '81 Proceedings of the eighth ACM symposium on Operating systems principles
Intransitive Non-Interference for Cryptographic Purposes

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A General Theory of Composition for Trace Sets Closed under Selective Interleaving Functions

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Modelling Downgrading in Information Flow Security

CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
A comparison of semantic models for noninterference

Theoretical Computer Science
A ternary knowledge relation on secrets

Proceedings of the 13th Conference on Theoretical Aspects of Rationality and Knowledge
On intransitive non-interference in some models of concurrency

Foundations of security analysis and design VI
What, indeed, is intransitive noninterference?

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper addresses the question of how TA-security, a semantics for intransitive information-flow policies in deterministic systems, can be generalized to nondeterministic systems. Various definitions are proposed, including definitions that state that the system enforces as much of the policy as possible in the context of attacks in which groups of agents collude by sharing information through channels that lie outside the system. Relationships between the various definitions proposed are characterized, and an unwinding-based proof technique is developed. Finally, it is shown that on a specific class of systems, access control systems with local non-determinism, the strongest definition can be verified by checking a simple static property.