The Compositional Security Checker (CoSeC for short) is a semantic-based tool for the automatic verification of some compositional information flow properties. The specifications given as inputs to CoSeC are terms of the Security Process Algebra, a language suited for the specification of concurrent systems where actions belong to two different levels of confidentiality. The information flow security properties which can be verified by CoSeC are some of those classified in [8]. They derive from some classic notions, e.g. Non Interference [11]. The tool is based on the same architecture as the Concurrency Workbench [5], from which some modules have been imported unchanged. The usefulness of the tool is tested with the significant case-study of an access-monitor, presented in several versions in order to illustrate the relative merits of the various information flow properties that CoSeC can check. Finally, we present an application in the area of network security: we show that the theory (and the tool) can be reasonably applied also for singling out security flaws in a simple, yet paradigmatic, communication protocol.
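The abstract above describes checking information flow properties over process terms whose actions are split into a high (confidential) and a low (public) level. The following is an added illustration, not CoSeC's code: it implements the trace-based Strong Nondeterministic Non-Interference check (E/H trace-equivalent to E\H, i.e. hiding all high actions must be indistinguishable, to a low observer, from forbidding them) over a small labelled transition system. The two access-monitor systems, the `h_`/`l_` naming convention for high and low actions, and the choice of SNNI as the property are assumptions made for this example; the check itself is an on-the-fly subset construction that compares the visible traces of the two transformed systems.

```python
from collections import deque

TAU = "tau"  # the invisible action


def is_high(action):
    """Constructed convention: high-level actions are prefixed 'h_', low-level ones 'l_'."""
    return action.startswith("h_")


def hide_high(lts):
    """E/H: every high action is turned into the invisible action tau."""
    return {s: [(TAU if is_high(a) else a, t) for a, t in edges] for s, edges in lts.items()}


def restrict_high(lts):
    """E\\H: high actions are forbidden, so their transitions are removed."""
    return {s: [(a, t) for a, t in edges if not is_high(a)] for s, edges in lts.items()}


def tau_closure(lts, states):
    """All states reachable from `states` through tau transitions only."""
    stack, seen = list(states), set(states)
    while stack:
        s = stack.pop()
        for a, t in lts.get(s, ()):
            if a == TAU and t not in seen:
                seen.add(t)
                stack.append(t)
    return frozenset(seen)


def step(lts, states, action):
    """States reachable by one visible `action` (followed by any number of taus)."""
    return tau_closure(lts, {t for s in states for a, t in lts.get(s, ()) if a == action})


def enabled(lts, states):
    """Visible actions a low observer can perform next from this set of states."""
    return {a for s in states for a, _ in lts.get(s, ()) if a != TAU}


def trace_equivalent(lts1, start1, lts2, start2):
    """Weak trace equivalence of two LTSs, decided by walking their determinised product.
    Since trace sets are prefix-closed, the languages are equal iff every reachable pair of
    subsets enables the same visible actions. Returns (True, None) or (False, witness_trace),
    where the witness is a trace of exactly one of the two systems."""
    p1, p2 = tau_closure(lts1, {start1}), tau_closure(lts2, {start2})
    queue, seen = deque([(p1, p2, ())]), {(p1, p2)}
    while queue:
        s1, s2, trace = queue.popleft()
        e1, e2 = enabled(lts1, s1), enabled(lts2, s2)
        if e1 != e2:
            return False, trace + (sorted(e1 ^ e2)[0],)
        for a in e1:
            n1, n2 = step(lts1, s1, a), step(lts2, s2, a)
            if (n1, n2) not in seen:
                seen.add((n1, n2))
                queue.append((n1, n2, trace + (a,)))
    return True, None


def snni(lts, start):
    """SNNI: hiding the high actions must look, to the low level, like forbidding them."""
    return trace_equivalent(hide_high(lts), start, restrict_high(lts), start)


# Constructed toy access monitors: state -> list of (action, next_state).
# Insecure: a high-level write changes what the low-level read returns afterwards.
INSECURE_MONITOR = {
    "s0": [("h_write", "s1"), ("l_read_0", "s0")],
    "s1": [("l_read_1", "s1")],
}
# Secure: the high-level write leaves the low-visible behaviour unchanged.
SECURE_MONITOR = {
    "s0": [("h_write", "s1"), ("l_read_0", "s0")],
    "s1": [("l_read_0", "s1")],
}

if __name__ == "__main__":
    for name, system in (("insecure", INSECURE_MONITOR), ("secure", SECURE_MONITOR)):
        ok, witness = snni(system, "s0")
        print(name, "SNNI" if ok else "leaks, witness trace: " + " ".join(witness))
```

For the insecure monitor the check reports the low trace `l_read_1`, which is observable when high actions are hidden but impossible when they are forbidden: the low user learns that a high write took place. The secure variant passes because the same low traces exist either way. A compositional checker such as the one the abstract describes works on process-algebra terms rather than on an explicit state table, but the semantic comparison it performs on the generated transition system has this shape.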
Abstract. We present a uniform approach for the definition and the analysis of various security properties. It is based on the general idea that a security property should be satisfied even in the presence of a hostile environment. This principle determines a family of strong properties which are resistant to every external attack, but are quite impractical to check. For this reason, we find some general conditions that allow a property to be checked only against a "most powerful" intruder. We show that the results of our theory can be easily applied to a number of existing security properties that can be rephrased in our setting. This shows the generality of the approach and allows us to find some interesting relations among properties which have been proposed for different security issues.