Abstract
Formal methods emphasizes the need for a top-down approach when developing large reliable software systems. Refinements are used to map step by step abstract algebraic specifications to executable specifications. Action refinements are used to add detailed design information to abstract actions. Information flow control is used to specify and verify the admissible flow of confidential information in a complex system. However, it is well-known that in general action refinement will not preserve information flow properties which have been proved on an abstract level. In this paper we develop criteria ensuring that these properties are inherited during action refinement. We adopt Mantel’s MAKS framework on possibilistic information flow control to formulate security predicates but advance to configuration structures instead of trace event systems to cope with necessary modeling of concurrency.
This work was supported by the German Federal Ministry of Education and Research (BMBF) and the German Research Foundation (DFG).
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Bossi, A., Focardi, R., Piazza, C., Rossi, S.: Refinement Operators and Information Flow Security. In: Proceedings of the 1st International Conference on Software Engineering and Formal Methods (SEFM 2003). IEEE Computer Science, Los Alamitos (2001)
Bossi, A., Focardi, R., Piazza, C., Rossi, S.: Bisimulation and Unwinding for Verifying Possibilistic Security Properties. In: Zuck, L.D., Attie, P.C., Cortesi, A., Mukhopadhyay, S. (eds.) VMCAI 2003. LNCS, vol. 2575, pp. 223–237. Springer, Heidelberg (2002)
Bossi, A., Macedono, D., Piazza, C., Rossi, S.: Compositional Action Refinement and Information Flow Security. Technical Report CS-2003-13. Dipartimento di Informatica, Univerista Ca Foscari di Venezia (2003)
Castellano, L., de Michelis, G., Pomello, L.: Concurrency vs. interleaving: an instructive example. Bulletin of the EATCS 31, 12–15 (1987)
Degano, P., de Nicola, R., Montanari, U.: Observational equivalences for concurrency models. In: Proceedings of the 3rd IFIP WG 2.2 working conference: Formal description of programming concepts III, Ebberup, North-Holland (1987)
Van Glabbeek, R.J., Plotkin, G.D.: Configuration structures. In: Proceedings of the 10th Annual IEEE Symposium on Logic in Computer Science, IEEE Computer Society Press, Los Alamitos (1995)
Van Glabbeek, R.J., Goltz, U.: Refinement of actions and equivalence notions for concurrent systems. Acta Informatica 37(4-5), 229–327 (2001)
Gorrieri, R., Rensink, A.: Action Refinement. Technical report UBLCS-99-09, University of Bologna (1999)
Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos (1982)
Goguen, J.A., Meseguer, J.: Inference control and unwinding. In: Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos (1984)
Hutter, D., Mantel, H., Schairer, A., Schaefer, I.: Security in Multiagent Systems – A Case Study on Comparison Shopping. Journal of Applied Logic. Special Issue: Logic-based Verification of Multiagent Systems (in press) (2006) doi:10.1016/j.jal.2005.12.015
Jacob, J.: On the derivation of secure components. In: Proceedings of the 1989 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos (1989)
Mantel, H.: Possibilistic definitions of security – an assembly kit. In: Proceedings of the IEEE Computer Security Foundations Workshop. IEEE Computer Society, Los Alamitos (2000)
Mantel, H.: Preserving Information Flow Properties under Refinement. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy. IEEE Computer Society, Los Alamitos (2001)
Mantel, H.: A Uniform Framework for the Formal Specification and Verification of Information Flow Security. PhD thesis, Universität des Saarlandes (2003) (published as a manuscript)
McLean, J.D.: Proving Noninterference and Functional Correctness using Traces. Journal of Computer Security 1(1), 37–57 (1992)
McLean, J.D.: A general theory of composition for trace sets closed under selective interleaving functions. In: Proceedings of IEEE Symposium on Security and Privacy. IEEE Computer Society, Los Alamitos (1994)
Milner, R.: A Calculus of Communication Systems. LNCS, vol. 92. Springer, Heidelberg (1980)
Rushby, J.: Noninterference, transitivity, and channel-control security policies. Technical Report CSL-92-02, SRI International, Menlo Park, CA (1992)
Ryan, P.Y.A., Schneider, S.A.: Process algebra and non-interference. Journal of Computer Security 9(1/2), 75–103 (2001)
Winskel, G.: Event structures. In: Brauer, W., Reisig, W., Rozenberg, G. (eds.) APN 1986. LNCS, vol. 255. Springer, Heidelberg (1987)
Zakinthinos, A., Lee, E.S.: A general theory of security properties. In: Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, Los Alamitos (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hutter, D. (2006). Possibilistic Information Flow Control in MAKS and Action Refinement. In: Müller, G. (eds) Emerging Trends in Information and Communication Security. ETRICS 2006. Lecture Notes in Computer Science, vol 3995. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11766155_19
Download citation
DOI: https://doi.org/10.1007/11766155_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-34640-1
Online ISBN: 978-3-540-34642-5
eBook Packages: Computer ScienceComputer Science (R0)