Security Abstractions and Intruder Models

Process algebraic specifications of distributed systems are increasingly being targeted at identifying security primitives that are well-suited as high-level programming abstractions and, at the same time, adequate for security analysis and verification. Drawing on our earlier work along these lines [5], we investigate the expressive power of a core set of security and network abstractions that provide high-level primitives for the specification of the honest principals in a network, as well as the lower-level adversarial primitives that must be assumed available to an attacker. We analyze various bisimulation equivalences for security, arising from endowing the intruder with (i) different adversarial capabilities and (ii) increasingly powerful control over the interaction among the distributed principals of a network. By comparing the relative strength of the bisimulation equivalences we obtain a direct measure of the discriminating power of the intruders, and hence of the expressiveness of the corresponding models.

[1] Nobuko Yoshida, et al. On Reduction-Based Process Semantics, 1995, Theor. Comput. Sci.

[2] Cédric Fournet, et al. Secure Implementations for Typed Session Abstractions, 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).

[3] Michele Bugliesi, et al. Language Based Secure Communication, 2008, 21st IEEE Computer Security Foundations Symposium.

[4] Martín Abadi, et al. Private authentication, 2004, Theor. Comput. Sci.

[5] Cédric Fournet, et al. Cryptographically sound implementations for typed information-flow security, 2008, POPL '08.

[6] Robin Milner, et al. A Calculus of Mobile Processes, II, 1992, Inf. Comput.

[7] Martín Abadi, et al. A calculus for cryptographic protocols: the spi calculus, 1997, CCS '97.

[8] Davide Sangiorgi, et al. On asynchrony in name-passing calculi, 1998, Mathematical Structures in Computer Science.

[9] Martín Abadi, et al. Mobile values, new names, and secure communication, 2001, POPL '01.

[10] Cédric Fournet, et al. Cryptographically Sound Implementations for Communicating Processes, 2006, ICALP.

[11] Peeter Laud, et al. Secrecy types for a simulatable cryptographic library, 2005, CCS '05.