Mathematical Models of Computer Security

In this chapter I present a process algebraic approach to the modelling of security properties and policies. I will concentrate on the concept of secrecy, also known as confidentiality, and in particular on the notion of non-interference. Non-interference seeks to characterise the absence of information flows through a system and, as such, is a fundamental concept in information security.A central thesis of these lectures is that, viewed from a process algebraic point of view, the problem of characterising non-interference is essentially equivalent to that of characterising the equivalence of processes. The latter is itself a fundamental and delicate question at the heart of process algebra and indeed theoretical computer science: the semantics of a process is intimately linked to the question of which processes should be regarded as equivalent.We start, by way of motivation and to set the context, with a brief historical background. A much fuller exposition of security policies in the wider sense, embracing properties other than secrecy, can be found in the chapter by Pierangela Samarati in this volume. We then cover some elements of process algebra, in particular CSP (Communicating Sequential Processes), that we need and present a formulation of noninterference, along with some more operational presentations of process algebra, including the idea of bi-simulation. I argue that the classical notion of unwinding found in the security literature is really just bisimulation in another guise.Finally, I propose some generalisations of the process algebraic formulations designed to encompass a richer class of policies and examples.

[1]  Steve Schneider,et al.  Concurrent and Real Time Systems , 1999 .

[2]  Roberto Gorrieri,et al.  A Classification of Security Properties , 1993 .

[3]  Michael J. Nash,et al.  The Chinese Wall security policy , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[4]  I. Lakatos,et al.  Proofs and Refutations: Frontmatter , 1976 .

[5]  David Nowak,et al.  A Unifying Approach to Data-Independence , 2000, CONCUR.

[6]  Donald MacKenzie,et al.  Computers and the sociology of mathematical proof , 1998, FM-Trends 1998.

[7]  Roberto Gorrieri,et al.  The Compositional Security Checker: A Tool for the Verification of Information Flow Security Properties , 1997, IEEE Trans. Software Eng..

[8]  John McHugh,et al.  A Formal Definition for Information Flow in the Gypsy Expression Language , 1988, CSFW.

[9]  Paul H. B. Gardiner Power Simulation and its Relation to Traces and Failures Refinement , 2000, Electron. Notes Theor. Comput. Sci..

[10]  José Meseguer,et al.  Unwinding and Inference Control , 1984, 1984 IEEE Symposium on Security and Privacy.

[11]  Daryl McCullough,et al.  Noninterference and the composability of security properties , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[12]  J. Jacob,et al.  Basic Theorems About Security , 1992, J. Comput. Secur..

[13]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[14]  Martín Abadi,et al.  A Calculus for Cryptographic Protocols: The spi Calculus , 1999, Inf. Comput..

[15]  Andrew William Roscoe,et al.  The Theory and Practice of Concurrency , 1997 .

[16]  John McLean,et al.  A general theory of composition for trace sets closed under selective interleaving functions , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[17]  F. Javier Thayer,et al.  Security and the Composition of Machines , 1988, CSFW.

[18]  John McLean,et al.  A Comment on the 'Basic Security Theorem' of Bell and LaPadula , 1985, Inf. Process. Lett..

[19]  A. W. Roscoe,et al.  A Timed Model for Communicating Sequential Processes , 1986, Theor. Comput. Sci..

[20]  A. W. Roscoe CSP and determinism in security modelling , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[21]  P.H.B. Gardiner Algebraic Proofs of Consistency and Completeness , 1995, Theor. Comput. Sci..

[22]  Gavin Lowe,et al.  Probabilities and priorities in timed CSP , 1993 .

[23]  A. W. Roscoe,et al.  What is intransitive noninterference? , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[24]  Imre Lakatos,et al.  On the Uses of Rigorous Proof. (Book Reviews: Proofs and Refutations. The Logic of Mathematical Discovery) , 1977 .

[25]  Robin Milner,et al.  A Calculus of Mobile Processes, II , 1992, Inf. Comput..

[26]  Steve A. Schneider,et al.  Concurrent and Real-time Systems: The CSP Approach , 1999 .

[27]  Jim Davies,et al.  A Brief History of Timed CSP , 1995, Theor. Comput. Sci..

[28]  John C. Mitchell,et al.  Probabilistic Polynomial-Time Equivalence and Security Analysis , 1999, World Congress on Formal Methods.

[29]  Robin Milner,et al.  A Calculus of Mobile Processes, II , 1992, Inf. Comput..

[30]  Hassen Saïdi,et al.  Model Checking Guided Abstraction and Analysis , 2000, SAS.

[31]  Theodore M. P. Lee,et al.  Using mandatory integrity to enforce 'commercial' security , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[32]  K J Biba,et al.  Integrity Considerations for Secure Computer Systems , 1977 .

[33]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[34]  Robin Milner,et al.  Communicating and mobile systems - the Pi-calculus , 1999 .

[35]  Simon N. Foley The specification and implementation of “commercial” security requirements including dynamic segregation of duties , 1997, CCS '97.

[36]  Jim Woodcock,et al.  Non-interference through Determinism , 1994, J. Comput. Secur..

[37]  Andrew P. Moore,et al.  Design and Assurance Strategy for the NRL Pump , 1998, Computer.

[38]  Peter Y. A. Ryan,et al.  The modelling and analysis of security protocols: the csp approach , 2000 .

[39]  Birgit Pfitzmann,et al.  Cryptographic Security of Reactive Systems Extended Abstract , 2000 .

[40]  A. W. Roscoe,et al.  An Improved Failures Model for Communicating Processes , 1984, Seminar on Concurrency.

[41]  K. J. Bma Integrity considerations for secure computer systems , 1977 .

[42]  Heiko Mantel,et al.  Unwinding Possibilistic Security Properties , 2000, ESORICS.

[43]  Richard J. Feiertag A Technique for Proving Specifications are Multilevel Secure , 1980 .

[44]  Jeffrey D. Ullman,et al.  Protection in operating systems , 1976, CACM.

[45]  Colin O'Halloran,et al.  A Calculus of Information Flow , 1990, ESORICS.

[46]  Michael Goldsmith,et al.  Modelling and analysis of security protocols , 2001 .

[47]  E. Stewart Lee,et al.  A general theory of security properties , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[48]  C. A. R. Hoare,et al.  Communicating sequential processes , 1978, CACM.

[49]  Dimacs DIMACS Workshop on Design and Formal Verification of Security Protocols , 1997 .

[50]  Ellis S. Cohen Information transmission in computational systems , 1977, SOSP '77.

[51]  Antti Huima,et al.  Using multimodal logic to express conflicting interests in security protocols in proceedings of DIMACS Workshop on Design and formal verification of security protocols , 1997 .

[52]  Daryl McCullough,et al.  Specifications for Multi-Level Security and a Hook-Up , 1987, 1987 IEEE Symposium on Security and Privacy.

[53]  Andrew C. Simpson,et al.  Safety through security , 1998, Proceedings Ninth International Workshop on Software Specification and Design.

[54]  David D. Clark,et al.  A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[55]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[56]  Sylvan Pinsky,et al.  Noninterference equations for nondeterministic systems , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[57]  Steve A. Schneider,et al.  CSP and Anonymity , 1996, ESORICS.

[58]  Matthew Hennessy,et al.  Algebraic theory of processes , 1988, MIT Press series in the foundations of computing.

[59]  Robin Milner,et al.  A Calculus of Communicating Systems , 1980, Lecture Notes in Computer Science.

[60]  Peter Y. A. Ryan,et al.  A CSP formulation of non-interference and unwinding , 1991 .

[61]  Roberto Gorrieri,et al.  A Taxonomy of Security Properties for Process Algebras , 1995, J. Comput. Secur..

[62]  John Derrick,et al.  Concurrent and Real‐time Systems: The CSP Approach. By Steve Schneider. Published by John Wiley and Sons Ltd., Chichester, U.K., 2000. ISBN: 0‐471‐62373‐3, 510 pages. Price: U.K. £29.95, U.S.A. $59.99, Soft Cover. , 2000 .

[63]  J. Todd Wittbold,et al.  Information flow in nondeterministic systems , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[64]  Simon N. Foley A taxonomy for information flow policies and models , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[65]  Peter Ryan,et al.  Formal Methods in Systems Engineering , 1993, Springer London.

[66]  Sylvan Pinsky,et al.  Absorbing covers and intransitive non-interference , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[67]  Myong H. Kang,et al.  Design and assurance strategy for the NRL pump , 1997, Proceedings 1997 High-Assurance Engineering Workshop.

[68]  Moti Yung,et al.  Minimal cryptosystems and defining subliminal-freeness , 1994, Proceedings of 1994 IEEE International Symposium on Information Theory.

[69]  Luca Cardelli 1 Mobility and Security , 1999 .

[70]  Matthew K. Franklin,et al.  Low-Exponent RSA with Related Messages , 1996, EUROCRYPT.

[71]  Robin Milner,et al.  Communication and concurrency , 1989, PHI Series in computer science.

[72]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[73]  Jeremy L. Jacob,et al.  Security specifications , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[74]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[75]  Peter Y. A. Ryan,et al.  Modelling and analysis of security protocols , 2001 .

[76]  Dieter Gollmann,et al.  Computer Security , 1979, Lecture Notes in Computer Science.

[77]  Ravi S. Sandhu,et al.  Lattice-based access control models , 1993, Computer.

[78]  David Sands,et al.  Probabilistic noninterference for multi-threaded programs , 2000, Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13.

[79]  A. W. Roscoe,et al.  Automating Data Independence , 2000, ESORICS.

[80]  Roberto Gorrieri,et al.  A compiler for analyzing cryptographic protocols using noninterference , 2000, TSEM.

[81]  Oliver Costich,et al.  A classical automata approach to noninterference type problems , 1992, [1992] Proceedings The Computer Security Foundations Workshop V.

[82]  Steve A. Schneider,et al.  May Testing, Non-interference, and Compositionality , 2001, MFCSIT.

[83]  Peter Y. A. Ryan,et al.  Process algebra and non-interference , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[84]  Dennis Volpano,et al.  Probabilistic noninterference in a concurrent language , 1999 .