论文信息 - Verifying Abstract Information Flow Properties in Fault Tolerant Security Devices

Verifying Abstract Information Flow Properties in Fault Tolerant Security Devices

The verification of information flow properties of security devices is difficult because it involves the analysis of schematic diagrams, artwork, embedded software, etc. In addition, a typical security device has many modes, partial information flow, and needs to be fault tolerant. We propose a new approach to the verification of such devices based upon checking abstract information flow properties expressed as graphs. This approach has been implemented in software, and successfully used to find possible paths of information flow through security devices.

Luke Wildman | Tim McComb

[1] Andrew C. Myers,et al. Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..

[2] Ralf Behnke,et al. RELVIEW - A System for Calculating With Relations and Relational Programming , 1998, FASE.

[3] Colin J. Fidge,et al. Tracing secure information flow through mode changes , 2006, ACSC.

[4] Luke Wildman,et al. SIFA: A Tool for Evaluation of High-Grade Security Devices , 2005, ACISP.

[5] Colin J. Fidge,et al. Fault evaluation for security-critical communication devices , 2006, Computer.

[6] Colin J. Fidge,et al. Identifying Critical Components During Information Security Evaluations , 2005, J. Res. Pract. Inf. Technol..

[7] Stephan Merz,et al. Model Checking , 2000 .

[8] Helmut Veith,et al. Counterexample-guided abstraction refinement for symbolic model checking , 2003, JACM.

[9] Colin J. Fidge,et al. Information Flow Analysis for Fail-Secure Devices , 2005, Comput. J..

[10] John Rushby,et al. Noninterference, Transitivity, and Channel-Control Security Policies 1 , 2005 .