Secured Information Flow for Asynchronous Sequential Processes

Authors:
Isabelle Attali;Denis Caromel;Ludovic Henrio;Felipe Luna Del Aguila
Affiliations:
INRIA Sophia Antipolis, CNRS - I3S - Univ. Nice Sophia Antipolis, 2004, Route des Lucioles, BP 93 - F-06902 Sophia Antipolis Cedex, France;INRIA Sophia Antipolis, CNRS - I3S - Univ. Nice Sophia Antipolis, 2004, Route des Lucioles, BP 93 - F-06902 Sophia Antipolis Cedex, France;INRIA Sophia Antipolis, CNRS - I3S - Univ. Nice Sophia Antipolis, 2004, Route des Lucioles, BP 93 - F-06902 Sophia Antipolis Cedex, France;INRIA Sophia Antipolis, CNRS - I3S - Univ. Nice Sophia Antipolis, 2004, Route des Lucioles, BP 93 - F-06902 Sophia Antipolis Cedex, France
Venue:
Electronic Notes in Theoretical Computer Science (ENTCS)
Year:
2007

Citing 13
Cited 1

A calculus of mobile processes, I

Information and Computation
Exception-based information flow control in object-oriented systems

ACM Transactions on Information and System Security (TISSEC)
JFlow: practical mostly-static information flow control

Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Communicating and mobile systems: the &pgr;-calculus

Communicating and mobile systems: the &pgr;-calculus
Untrusted hosts and confidentiality: secure program partitioning

SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
A Theory of Objects

A Theory of Objects
Information Flow Control in Object-Oriented Systems

IEEE Transactions on Knowledge and Data Engineering
Access Control: Policies, Models, and Mechanisms

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Classification of Security Properties (Part I: Information Flow)

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
The Impact of Synchronisation on Secure Information Flow in Concurrent Programs

PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Information Flow Analysis of Component-Structured Applications

ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Asynchronous and deterministic objects

Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Theory of Distributed Objects

A Theory of Distributed Objects

Automatic information flow analysis of business process models

BPM'12 Proceedings of the 10th international conference on Business Process Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present in this article a precise security model for data confidentiality in the framework of ASP (Asynchronous Sequential Processes). ASP is based on active objects, asynchronous communications, and data-flow synchronizations. We extend it with security levels attached to activities (active objects) and transmitted data. We design a security model that guarantees data confidentiality within an application; this security model takes advantages of both mandatory and discretionary access models. We extend the semantics of ASP with predicate conditions that provide a formal security framework, dynamically checking for unauthorized information flows. As a final result, all authorized communication paths are secure: no disclosure of information can happen. This theoretically-founded contribution may have a strong impact on distributed object-based applications, that are more and more present and confidentiality-demanding on the Internet, it also arises a new issue in data confidentiality: authorization of secured information flow transiting (by the mean of futures) through an unsecured component.