Action systems, determinism and the development of secure systems

[1]  Jim Woodcock,et al.  Refinement of State-Based Concurrent Systems , 1990, VDM Europe.

[2]  John Graham-Cumming,et al.  The formal development of secure systems , 1992 .

[3]  Leslie Lamport,et al.  A Simple Approach to Specifying Concurrent Systems , 2022 .

[4]  John McLean,et al.  Proving Noninterference and Functional Correctness Using Traces , 1992, J. Comput. Secur..

[5]  Jane Sinclair,et al.  Introduction to formal specification and Z , 1991, Prentice Hall International Series in Computer Science.

[6]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[7]  Simon N. Foley,et al.  A Universal Theory of Information Flow , 1987, 1987 IEEE Symposium on Security and Privacy.

[8]  John McLean,et al.  A general theory of composition for trace sets closed under selective interleaving functions , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[9]  E. Stewart Lee,et al.  The Composability of Non-Interference , 1995, J. Comput. Secur..

[10]  J. Jacob,et al.  Basic Theorems About Security , 1992, J. Comput. Secur..

[11]  Anthony Boswell,et al.  Specification and Validation of a Security Policy Model , 1993, IEEE Trans. Software Eng..

[12]  P. G. Allen,et al.  A comparison of non-interference and non-deducibility using CSP , 1991, Proceedings Computer Security Foundations Workshop IV.

[13]  Michael Butler,et al.  Specification of a Program Derivation Editor , 1994 .

[14]  Glenn H. MacEwen,et al.  A logic for reasoning about security , 1992, TOCS.

[15]  Jonathan K. Millen,et al.  Security Kernel validation in practice , 1976, CACM.

[16]  Jeremy L. Jacob,et al.  Separability and the Detection of Hidden Channels , 1990, Inf. Process. Lett..

[17]  J. Michael Spivey,et al.  The Z notation - a reference manual , 1992, Prentice Hall International Series in Computer Science.

[18]  Ralph-Johan Back,et al.  Refinement Calculus, Part I: Sequential Nondeterministic Programs , 1989, REX Workshop.

[19]  Roberto Gorrieri,et al.  A taxonomy of trace-based security properties for CCS , 1994, Proceedings The Computer Security Foundations Workshop VII.

[20]  Frédéric Cuppens,et al.  A Logical View of Secure Dependencies , 1992, J. Comput. Secur..

[21]  Jonathan K. Millen,et al.  Hookup security for synchronous machines , 1990, [1990] Proceedings. The Computer Security Foundations Workshop III.

[22]  Martín Abadi,et al.  The existence of refinement mappings , 1988, [1988] Proceedings. Third Annual Information Symposium on Logic in Computer Science.

[23]  Daryl McCullough,et al.  Noninterference and the composability of security properties , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[24]  Jim Woodcock,et al.  A Weakest Precondition Semantics for Z , 1998, Comput. J..

[25]  A. W. Roscoe,et al.  Composing and decomposing systems under security properties , 1995, Proceedings The Eighth IEEE Computer Security Foundations Workshop.

[26]  Simon N. Foley,et al.  Aggregation and Separation as Noninterference Properties , 1992, J. Comput. Secur..

[27]  Gavin Lowe,et al.  Some new attacks upon security protocols , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[28]  William A. Wulf,et al.  A logic of composition for information flow predicates , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[29]  C. A. R. Hoare,et al.  Communicating sequential processes , 1978, CACM.

[30]  Carl E. Landwehr,et al.  On Access Checking in Capability-Based Systems , 1987, IEEE Trans. Software Eng..

[31]  John M. Rushby,et al.  Proof of separability: A verification technique for a class of security kernels , 1982, Symposium on Programming.

[32]  Frédéric Cuppens,et al.  A logical formalization of secrecy , 1993, [1993] Proceedings Computer Security Foundations Workshop VI.

[33]  Ravi S. Sandhu,et al.  Lattice-based access control models , 1993, Computer.

[34]  E. Stewart Lee,et al.  A general theory of security properties , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[35]  Simon N. Foley Reasoning about confidentiality requirements , 1994, Proceedings The Computer Security Foundations Workshop VII.

[36]  A. Zakinthinos,et al.  How and Why Feedback Composition Fails , 1996 .

[37]  Jeremy L. Jacob,et al.  Categorising non-interference , 1990, [1990] Proceedings. The Computer Security Foundations Workshop III.

[38]  John Graham-Cumming Some Laws of Non-interference , 1992 .

[39]  Eugene H. Spafford,et al.  The internet worm: crisis and aftermath , 1989 .

[40]  Simon N. Foley A model for secure information flow , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[41]  M. Gordon HOL : A machine oriented formulation of higher order logic , 1985 .

[42]  Richard A. Kemmerer,et al.  Shared resource matrix methodology: an approach to identifying storage and timing channels , 1983, TOCS.

[43]  William R. Bevier,et al.  A state-based approach to noninterference , 1994, Proceedings The Computer Security Foundations Workshop VII.

[44]  F. Javier Thayer,et al.  Security properties consistent with the testing semantics for communicating processes , 1989, Proceedings of the Computer Security Foundations Workshop II.

[45]  Daryl McCullough,et al.  Specifications for Multi-Level Security and a Hook-Up , 1987, 1987 IEEE Symposium on Security and Privacy.

[46]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[47]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[48]  R. Varadarajan,et al.  Deducibility security with dynamic level assignments , 1989, Proceedings of the Computer Security Foundations Workshop II.

[49]  Andrew William Roscoe,et al.  Model-checking CSP , 1994 .

[50]  John McLean,et al.  Reasoning About Security Models , 1987, 1987 IEEE Symposium on Security and Privacy.

[51]  José Meseguer,et al.  Unwinding and Inference Control , 1984, 1984 IEEE Symposium on Security and Privacy.

[52]  Carl E. Landwehr,et al.  Formal Models for Computer Security , 1981, CSUR.

[53]  Gavin Lowe,et al.  Casper: a compiler for the analysis of security protocols , 1997, Proceedings 10th Computer Security Foundations Workshop.

[54]  Oliver Costich,et al.  A classical automata approach to noninterference type problems , 1992, [1992] Proceedings The Computer Security Foundations Workshop V.

[55]  Colin O'Halloran,et al.  A Calculus of Information Flow , 1990, ESORICS.

[56]  Joseph M. Morris,et al.  A Theoretical Basis for Stepwise Refinement and the Programming Calculus , 1987, Sci. Comput. Program..

[57]  Ravi Sandhu A Lattice Interpretation Of The Chinese Wall Policy , 1992 .

[58]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[59]  Steve A. Schneider Security properties and CSP , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[60]  F. Javier Thayer,et al.  Security and the Composition of Machines , 1988, CSFW.

[61]  John McLean,et al.  A Comment on the 'Basic Security Theorem' of Bell and LaPadula , 1985, Inf. Process. Lett..

[62]  Greg O'Shea,et al.  On the Specification, Validation and Verification of Security in Access Control Systems , 1994, Comput. J..

[63]  James W. Gray,et al.  Probabilistic interference , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[64]  Peter J. Denning,et al.  Protection: principles and practice , 1972, AFIPS '72 (Spring).

[65]  Dorothy E. Denning,et al.  Secure information flow in computer systems. , 1975 .

[66]  Peter J. Denning,et al.  Third Generation Computer Systems , 1971, CSUR.

[67]  Steve A. Schneider,et al.  Using CSP for protocol analysis: the Needham-Schroeder Public-Key Protocol , 1996 .

[68]  Carroll Morgan,et al.  Of wp and CSP , 1990 .

[69]  James W. Gray,et al.  Toward a mathematical foundation for information flow security , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[70]  John M. Rushby,et al.  Design and verification of secure systems , 1981, SOSP.

[71]  Michael J. Butler A CSP approach to action systems , 1992 .

[72]  Dorothy E. Denning,et al.  A lattice model of secure information flow , 1976, CACM.

[73]  Michael J. Butler,et al.  Stepwise Refinement of Communicating Systems , 1996, Sci. Comput. Program..

[74]  Kaisa Sere,et al.  Refining Action Systems within B-Tool , 1996, FME.

[75]  Charles P. Pfleeger,et al.  Security in computing , 1988 .

[76]  Jeremy L. Jacob,et al.  Security specifications , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[77]  Edward G. Amoroso,et al.  Fundamentals of computer security technology , 1994 .

[78]  Colin O'Halloran On requirements and security in a CCIS , 1992, [1992] Proceedings The Computer Security Foundations Workshop V.

[79]  Frank Waters,et al.  The B Book , 1971 .

[80]  Simon N. Foley Secure information flow using security groups , 1990, [1990] Proceedings. The Computer Security Foundations Workshop III.

[81]  John McLean,et al.  A Formal Method for the Abstract Specification of Software , 1984, JACM.

[82]  Jeremy L. Jacob The Varieties of Refinement , 1991 .

[83]  Daryl McCullough,et al.  A Hookup Theorem for Multilevel Security , 1990, IEEE Trans. Software Eng..

[84]  J. Thomas Haigh,et al.  Noninterference and unwinding for LOCK , 1989, Proceedings of the Computer Security Foundations Workshop II.

[85]  John Graham-Cumming,et al.  Laws of Non-Interference in CSP , 1993, J. Comput. Secur..

[86]  Jonathan K. Millen,et al.  Unwinding forward correctability , 1994, Proceedings The Computer Security Foundations Workshop VII.

[87]  Jim Woodcock,et al.  Non-interference through Determinism , 1994, J. Comput. Secur..

[88]  Andrew William Roscoe,et al.  The Theory and Practice of Concurrency , 1997 .

[89]  Jim Woodcock,et al.  Using Z - specification, refinement, and proof , 1996, Prentice Hall International Series in Computer Science.

[90]  Benedict G. E. Wiedemann Protection? , 1998, Science.

[91]  A. W. Roscoe CSP and determinism in security modelling , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[92]  A. W. Roscoe Modelling and verifying key-exchange protocols using CSP and FDR , 1995, Proceedings The Eighth IEEE Computer Security Foundations Workshop.

[93]  Paul F. Syverson,et al.  A logical approach to multilevel security of probabilistic systems , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[94]  Edsger W. Dijkstra,et al.  A Discipline of Programming , 1976 .