The security checker: a semantics-based tool for the verification of security properties

The security checker (SC for short) is a semantic tool for the automatic verification of some information flow properties. The specifications given as inputs to SC are terms of the security process algebra (SPA for short), a language suited for the specification of systems where actions belong to two different levels of confidentiality. The information flow security properties which can be verified by SC are some of those classified in previous papers. They are derivations of some classic notions, e.g. non interference. The tool is based on the same architecture of the concurrency workbench, from which some modules have been integrally imported. The usefulness of the tool is tested with the significative case-study of an access monitor.

[1]  Scott A. Smolka,et al.  CCS expressions, finite state processes, and three problems of equivalence , 1983, PODC '83.

[2]  Matthew Hennessy,et al.  Symbolic Bisimulations , 1995, Theor. Comput. Sci..

[3]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[4]  Roberto Gorrieri,et al.  An Information Flow Security Property for CCS , 1993 .

[5]  Andrew William Roscoe,et al.  Model-checking CSP , 1994 .

[6]  Rance Cleaveland,et al.  The concurrency workbench: a semantics-based tool for the verification of concurrent systems , 1993, TOPL.

[7]  Roberto Gorrieri,et al.  A taxonomy of trace-based security properties for CCS , 1994, Proceedings The Computer Security Foundations Workshop VII.

[8]  R.,et al.  A CLASSIFICATION OF SECURITY PROPERTIES FOR PROCESS ALGEBRAS 1 , 1994 .

[9]  Faron Moller,et al.  A Fast Algorithm for Deciding Bisimilarity of Normed Context-Free Processes , 1994, CONCUR.

[10]  J. Todd Wittbold,et al.  Information flow in nondeterministic systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[11]  Jim Woodcock,et al.  Non-interference through Determinism , 1994, J. Comput. Secur..