Maintaining Information Flow Security Under Refinement and Transformation

Seehusen, Fredrik; Stølen, Ketil

doi:10.1007/978-3-540-75227-1_10

Cited by 8 publications

(10 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(A similar situation arises when n H = 9 and g L = 8.) It follows that Equation 13 does not imply Equation 14 in all circumstances, and so we conclude that G 0 does not satisfy π G .…”

Section: Definition 1 (Confidentiality Property)mentioning

confidence: 78%

“…Several semantic frameworks (including the MAKS) for expressing a range of confidentiality properties in a uniform manner have been proposed in the security literature [5,6,9,10,12,13,14]. The objective of these frameworks is to consolidate the existing definitions of noninterference-like properties in the literature, in order to evaluate and compare these properties systematically and to enable new confidentiality properties to be defined rigorously.…”

Section: Related Workmentioning

confidence: 99%

“…Seehusen and Stølen [13,14] have proposed a (MAKS-like) framework for integrating confidentiality properties into stepwise software development processes. In their framework, a system specification is formalised as a set of obligations (trace sets); a system satisfies a specification if it contains at least one trace from each obligation in the specification.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Unifying Theories of Confidentiality

Banks

Jacob

2010

Unifying Theories of Programming

View full text Add to dashboard Cite

Abstract. This paper presents a framework for reasoning about the security of confidential data within software systems. A novelty is that we use Hoare and He's Unifying Theories of Programming (UTP) to do so and derive advantage from this choice. We identify how information flow between users can be modelled in the UTP and devise conditions for verifying that system designs may not leak secret information to untrusted users. We also investigate how these conditions can be combined with existing notions of refinement to produce refinement relations suitable for deriving secure implementations of systems.

show abstract

“…(A similar situation arises when n H = 9 and g L = 8.) It follows that Equation 13 does not imply Equation 14 in all circumstances, and so we conclude that G 0 does not satisfy π G .…”

Section: Definition 1 (Confidentiality Property)mentioning

confidence: 78%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Unifying Theories of Confidentiality

Banks

Jacob

2010

Unifying Theories of Programming

View full text Add to dashboard Cite

show abstract

“…al [20] studied the problem of preservation of information flow properties under action refinement in the context of process algebra. Seehusen and Stølen [21] introduced a schema to specify and preserve secure information flow properties in the semantics of STAIRS [22]. Jürjens [23] presented a framework for preserving secrecy under refinement operators in specification framework FOCUS [24].…”

Section: Related Workmentioning

confidence: 99%

On Information Flow Control in Event-B and Refinement

2013

2013 International Symposium on Theoretical Aspects of Software Engineering

View full text Add to dashboard Cite

This paper investigates the problem of preserving information flow security in Event-B specification models and during the process of refining an abstract specification to be more concrete. A typed Event-B model is presented to enforce information flow security. We then present an approach to the problem of preserving information flow properties under abstraction refinement. The novelty of the approach is that we formalise refinement transformation in terms of the mathematical concept of Galois connection for the purpose of information-flow analysis and control. That is, the stateinvariant and state-transition predicates of the models are used to generate the Galois connection. We show how the refinement transformation ensures to preserve the security properties during the development steps from the beginning abstract-level specification to a concrete implementation.

show abstract

“…Recently in [24], Seehusen and Stølen addressed the problem of preserving trace-based security properties under transformations from an abstract specification to a concrete one. The particular transformations they deal with may be understood as a special case of action refinement where the concrete specification is generated automatically from the abstract specification.…”

Section: Conclusion and Related Workmentioning

confidence: 99%

Action Refinement in Process Algebra and Security Issues

Bossi

Piazza

Rossi

2008

Logic-Based Program Synthesis and Transformation

View full text Add to dashboard Cite

Abstract. In the design process of distributed systems we may have to replace abstract specifications of components by more concrete specifications, thus providing more detailed design information. In the context of process algebra, this well-known approach is often referred to as action refinement. We study the relationships between action refinement and security properties within the Security Process Algebra (SPA). First we formalize the concept of action refinement as a structural inductive transformation. Then we prove several compositional results which can be exploited in the stepwise development of processes. Finally, we consider information flow security properties for SPA processes and define a decidable class of secure processes which is closed under refinement.

show abstract

Maintaining Information Flow Security Under Refinement and Transformation

Cited by 8 publications

References 8 publications

Unifying Theories of Confidentiality

Unifying Theories of Confidentiality

On Information Flow Control in Event-B and Refinement

Action Refinement in Process Algebra and Security Issues

Contact Info

Product

Resources

About