Communicating sequential processes
Communicating sequential processes
A lattice model of secure information flow
Communications of the ACM
Foundations of Cryptography: Basic Tools
Foundations of Cryptography: Basic Tools
Distributed Algorithms
Semantics and Program Analysis of Computationally Secure Information Flow
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
Unwinding Possibilistic Security Properties
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
FME '02 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods - Getting IT Right
A general theory of security properties
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Protocols for secure computations
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Intransitive Non-Interference for Cryptographic Purposes
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A composable cryptographic library with nested operations
Proceedings of the 10th ACM conference on Computer and communications security
A process-algebraic approach for the analysis of probabilistic noninterference
Journal of Computer Security
Relating cryptography and formal methods: a panel
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
Relating Symbolic and Cryptographic Secrecy
IEEE Transactions on Dependable and Secure Computing
Secure information flow with random assignment and encryption
Proceedings of the fourth ACM workshop on Formal methods in security
Approximating Imperfect Cryptography in a Formal Model
Electronic Notes in Theoretical Computer Science (ENTCS)
Security in business process engineering
BPM'03 Proceedings of the 2003 international conference on Business process management
Formal Verification of Differential Privacy for Interactive Systems (Extended Abstract)
Electronic Notes in Theoretical Computer Science (ENTCS)
Justifying a dolev-yao model under active attacks
Foundations of Security Analysis and Design III
Towards a formal treatment of secrecy against computational adversaries
GC'04 Proceedings of the 2004 IST/FET international conference on Global Computing
Quantifying probabilistic information flow in computational reactive systems
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
A cryptographic model for branching time security properties: the case of contract signing protocols
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
| Hi-index | 0.01 |
In recent times information flow and non-interference have become very popular concepts for expressing both integrity and privacy properties. We present the first general definition of probabilistic non-interference in reactive systems which includes a computational case. This case is essential to cope with real cryptography since noninterference properties can usually only be guaranteed if the underlying cryptographic primitives have not been broken. This might happen, but only with negligible probability. Furthermore, our definition links noninterference with the common approach of simulatability that modern cryptography often uses. We show that our definition is maintained under simulatability, which allows secure composition of systems, and we present a general strategy how cryptographic primitives can be included in information flow proofs. As an example we present an abstract specification and a possible implementation of a cryptographic firewall guarding two honest users from their environment.