Secure contexts for confidential data

Information flow security in a multilevel system aims at guaranteeing that no high-level information is revealed to low-level users, even in the presence of any possible malicious process. This requirement can be too demanding when some knowledge about the environment (context) in which the process is going to run is available. To deal with these situations we introduce the notion of secure contexts for a class of processes. This notion is parametric with respect to both the observation equivalence and the operation used to characterize the low-level behavior of a process. We mainly analyze the cases of bisimulation and trace equivalence. We describe how to build secure contexts in these cases, and we show that two well-known security properties, named BNDC and NDC, are just special instances of our general notion.
