Formal Requirements Engineering Using Observer Models
FASE '02 Proceedings of the 5th International Conference on Fundamental Approaches to Software Engineering
Bisimulation and Unwinding for Verifying Possibilistic Security Properties
VMCAI 2003 Proceedings of the 4th International Conference on Verification, Model Checking, and Abstract Interpretation
Securing Communication in a Concurrent Language
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Information Flow Control and Applications - Bridging a Gap
FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A Generic Approach to the Security of Multi-Threaded Programs
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A unifying approach to the security of distributed and multi-threaded programs
Journal of Computer Security - Special issue on CSFW14
A process-algebraic approach for the analysis of probabilistic noninterference
Journal of Computer Security
The framework of selective interleaving functions and the modular assembly kit
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Decidability and proof systems for language-based noninterference relations
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Information flow property preserving transformation of UML interaction diagrams
Proceedings of the eleventh ACM symposium on Access control models and technologies
Information flow security in dynamic contexts
Journal of Computer Security
Integration of a security type system into a program logic
Theoretical Computer Science
ACM Transactions on Information and System Security (TISSEC)
A formal security policy for xenon
Proceedings of the 6th ACM workshop on Formal methods in security engineering
Avoiding information leakage in security-policy-aware planning
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Action Refinement in Process Algebra and Security Issues
Logic-Based Program Synthesis and Transformation
On the Decidability of Model-Checking Information Flow Properties
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Bisimulation for Demonic Schedulers
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
The Shadow Knows: Refinement and security in sequential programs
Science of Computer Programming
On a formal framework for security properties
Computer Standards & Interfaces
Declassification: Dimensions and principles
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
An Automata Based Approach for Verifying Information Flow Properties
Electronic Notes in Theoretical Computer Science (ENTCS)
Combining different proof techniques for verifying information flow security
LOPSTR'06 Proceedings of the 16th international conference on Logic-based program synthesis and transformation
A proof system for information flow security
LOPSTR'02 Proceedings of the 12th international conference on Logic based program synthesis and transformation
Maintaining information flow security under refinement and transformation
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
A comparison of semantic models for noninterference
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
A comparison of semantic models for noninterference
Theoretical Computer Science
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Unifying theories of confidentiality
UTP'10 Proceedings of the Third international conference on Unifying theories of programming
Privacy enforcement and analysis for functional active objects
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
Model-checking trace-based information flow properties
Journal of Computer Security
Possibilistic information flow control in MAKS and action refinement
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Adjoining declassification and attack models by abstract interpretation
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Bridging language-based and process calculi security
FOSSACS'05 Proceedings of the 8th international conference on Foundations of Software Science and Computation Structures
A probabilistic property-specific approach to information flow
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Abstractions preserving parameter confidentiality
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Limiting information leakage in event-based communication
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
The complexity of synchronous notions of information flow security
FOSSACS'10 Proceedings of the 13th international conference on Foundations of Software Science and Computational Structures
Information flow control to secure dynamic web service composition
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
On the composition of compositional reasoning
Proceedings of the 2004 international conference on Architecting Systems with Trustworthy Components
Representation-Independent data usage control
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Deciding selective declassification of petri nets
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Verifying persistent security properties
Computer Languages, Systems and Structures
Trust areas: a security paradigm for the future internet
STM'11 Proceedings of the 7th international conference on Security and Trust Management
Conditional information flow policies and unwinding relations
TGC'11 Proceedings of the 6th international conference on Trustworthy Global Computing
Coinductive unwinding of security-relevant hyperproperties
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
Information flow in systems with schedulers, Part II: Refinement
Theoretical Computer Science
| Hi-index | 0.00 |
We present a framework in which different notions of security can be defined in a uniform and modular way. Each definition of security is formalized as a security predicate by assembling more primitive basic security predicates. A collection of such basic security predicates is defined and we demonstrate how well known concepts like generalized non-interference or separability can be constructed from them.The framework is open and can be extended with new basic security predicates using a general schema. We investigate the compatibility of the assembled definitions with system properties apart from security and propose a new definition of security, which does not restrict non-critical information flow. It turns out that the modularity of our framework simplifies this investigation. Finally, we discuss the stepwise development of secure systems.