Mathematical models of information security

In this short article, the authors will present a number of mathematical models of information security. They will start with some of the earliest work which focused on access control. The unifying theme throughout the study is information flow. They will move from lattice-based models through to the more recent information theoretic and probabilistic models. These latter models recognise that, in most systems, some information flow is inevitable but that it is important to be able to quantify this.

[1]  Michael Huth,et al.  Access-Control Policies via Belnap Logic: Effective and Efficient Composition and Analysis , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[2]  Chris Hankin,et al.  Measuring the confinement of probabilistic systems , 2005, Theor. Comput. Sci..

[3]  Flemming Nielson,et al.  Advice from Belnap Policies , 2009, 2009 22nd IEEE Computer Security Foundations Symposium.

[4]  John McLean,et al.  Security models and information flow , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[5]  Peter Y. A. Ryan,et al.  Mathematical Models of Computer Security , 2000, FOSAD.

[6]  David Sands,et al.  Dimensions and principles of declassification , 2005, 18th IEEE Computer Security Foundations Workshop (CSFW'05).

[7]  Geoffrey Smith,et al.  On the Foundations of Quantitative Information Flow , 2009, FoSSaCS.

[8]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[9]  Len LaPadula,et al.  Secure Computer Systems: A Mathematical Model , 1996 .

[10]  Chris Hankin,et al.  Information flow for Algol-like languages , 2002, Comput. Lang. Syst. Struct..

[11]  Pasquale Malacaria,et al.  Assessing security threats of looping constructs , 2007, POPL '07.

[12]  David Clark,et al.  Quantitative Information Flow, Relations and Polymorphic Types , 2005, J. Log. Comput..