Applying noninterference to composition of systems: a more practical approach

Current hookup or composable properties may impose overly strong security requirements on component systems. To overcome this problem, the connectivity of the components has to be considered in order to handle their composition appropriately. On this basis, in this paper we adopt the concept of rely- and guarantee-conditions to present a composable property of noninterference. For each component, we enforce the requirement of noninterference only on some of its input-output entities, chosen with regard to its connectivity, and impose communication constraints on the others, so as to ensure that the entire system can satisfy noninterference. This enables the system and its components to possess different security properties, i.e. the security property of the system can be logically stronger than the security properties of its components.
