A General Theory of Composition for a Class of "Possibilistic" Properties
IEEE Transactions on Software Engineering
An attack on a recursive authentication protocol. A cautionary tale
Information Processing Letters
A calculus for cryptographic protocols
Information and Computation
Specification and development of interactive systems: focus on streams, interfaces, and refinement
Specification and development of interactive systems: focus on streams, interfaces, and refinement
Software Engineering Economics
Software Engineering Economics
Towards Development of Secure Systems Using UMLsec
FASE '01 Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering
Formal Eavesdropping and Its Computational Interpretation
TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
Non-Interference Through Determinism
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Secure Information Flow for Concurrent Processes
CONCUR '00 Proceedings of the 11th International Conference on Concurrency Theory
CONCUR '00 Proceedings of the 11th International Conference on Concurrency Theory
Formal Verification of Cryptographic Protocols: A Survey
ASIACRYPT '94 Proceedings of the 4th International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)
TCS '00 Proceedings of the International Conference IFIP on Theoretical Computer Science, Exploring New Frontiers of Theoretical Informatics
FME '94 Proceedings of the Second International Symposium of Formal Methods Europe on Industrial Benefit of Formal Methods
Process Algebra and Non-interference
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Secure Composition of Untrusted Code: Wrappers and Causality Types
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Possibilistic Definitions of Security - An Assembly Kit
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Tool Supported Specification and Simulation of Distributed Systems
PDSE '98 Proceedings of the International Symposium on Software Engineering for Parallel and Distributed Systems
Using Traces of Procedure Calls to Reason About Composability
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Towards Development of Secure Systems Using UMLsec
FASE '01 Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering
Formal Eavesdropping and Its Computational Interpretation
TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
Confidentiality-Preserving Refinement is Compositional - Sometimes
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Specification-Based Testing of Firewalls
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Formally Testing Fail-Safety of Electronic Purse Protocols
Proceedings of the 16th IEEE international conference on Automated software engineering
Confidentiality-Preserving Refinement
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Bisimulation for Demonic Schedulers
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
FM '09 Proceedings of the 2nd World Congress on Formal Methods
Developing security protocols by refinement
Proceedings of the 17th ACM conference on Computer and communications security
Preserving security properties under refinement
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Stepwise development of secure systems
SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security
Preserving secrecy under refinement
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Abstractions preserving parameter confidentiality
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
A formal framework for confidentiality-preserving refinement
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
| Hi-index | 0.00 |
A useful paradigm of system development is that of stepwise refinement. In contrast to other system properties, many security properties proposed in the literature are not preserved under refinement (refinement paradox). We present work towards a framework for stepwise development of secure systems by showing a notion of secrecy (that follows a standard approach) to be preserved by standard refinement operators in the specification framework Focus (extended with cryptographic primitives). We also give a rely/guarantee version of the secrecy property and show preservation by refinement. We use the secrecy property to uncover a previously unpublished flaw in a proposed variant of TLS, propose a correction and prove it secure. We give an abstract specification of a secure channel satisfying secrecy and refine it to a more concrete specification that by the preservation result thus also satisfies secrecy.