On Intransitive Non-interference in Some Models of Concurrency

Intransitive non-interference (INI for short) is a behavioural property extensively studied by Rushby over deterministic automata with outputs associated with transitions (Mealy machines), in order to discuss the security of systems where declassification of secret information is allowed. In this paper, we first propose a natural transposition of Rushby's definition to deterministic labelled transition systems, which we also call INI, and then an alternative, more easily checkable formulation of INI, called NI with downgraders (NID for short). We show how NID can be naturally extended to the case of nondeterministic automata by using a variation of it based on bisimulation equivalence (BNID). The most novel contribution of this paper is the extension of this theory to the class of Petri nets called elementary net systems: we propose a semistatic technique, called PBNID and based on the inspection of the net structure, that is shown to be equivalent to BNID.
