Classification of Security Properties [chapter]

Riccardo Focardi, Roberto Gorrieri
2001 Lecture Notes in Computer Science  
This paper mainly follows [21] and covers the first part of the course "Classification of Security Properties" given by Roberto Gorrieri and Riccardo Focardi at FOSAD'00 school.  ...  A classification of security properties is thus of interest for understanding the relationships among different definitions and for evaluating the relative merits.  ...  This has been the topic of the second part of the course "Classification of Security Properties" at FOSAD'00 school, and we are presently working on a tutorial which will cover it [27].  ... 
doi:10.1007/3-540-45608-2_6 fatcat:i2reo2stifa27jxfzqzcxbwpha

Information flow in systems with schedulers, Part I: Definitions

Ron van der Meyden, Chenyi Zhang
2013 Theoretical Computer Science  
This paper studies information flow security in a synchronous state machine model, in which agents share a global clock and can make observations at all times, but in which an agent's ability to perform  ...  A number of definitions of security for this setting are proposed, depending on whether the attacker is active or passive, whether the security should be robust to discovery of the schedule by the attacker  ...  Introduction Information flow security is concerned with the ability of agents in a system to make deductions about the activity of others, or to cause information to Part I of this two part series of  ... 
doi:10.1016/j.tcs.2012.10.047 fatcat:pjhyoroyhjgq7apbqlxjjjcuty

A Classification of Time and/or Probability Dependent Security Properties

Ruggero Lanotte, Andrea Maggiolo-Schettini, Angelo Troina
2006 Electronic Notes in Theoretical Computer Science  
We define a Non-Interference security property that allows one to express information flow in a timed and probabilistic setting, and we compare the property with analogous properties defined in settings  ...  Initial studies of information flow analysis were performed by abstracting away from time and probability.  ...  In [10] Focardi and Gorrieri promote the classification of a set of properties capturing the idea of information flow and Non-Interference.  ... 
doi:10.1016/j.entcs.2005.10.038 fatcat:frbzc3mypvcazmkptpqozov7qu

Classification of security properties in a Linda-like process algebra

Alessandro Aldini
2006 Science of Computer Programming  
We provide a classification of noninterference-based security properties for the formal analysis of secure information flow in concurrent and distributed systems.  ...  the security properties, by giving a new intuition to the relative merits.  ...  secure information flow constraints.  ... 
doi:10.1016/j.scico.2005.07.010 fatcat:72y4knahrbcffnkd7rhslqymyu

Information-Flow Interfaces [article]

Ezio Bartocci, Thomas Ferrère, Thomas A. Henzinger, Dejan Nickovic, Ana Oliveira da Costa
2020 arXiv   pre-print
security properties, thus paving the way for a science of safety and security co-engineering.  ...  Finally, we provide three plausible trace semantics to stateful information-flow interfaces and we show that only two correspond to temporal logics for specifying hyperproperties, while the third defines  ...  Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs. International Journal of Information Security, 8(6):399-422, 2009. 22 C. A. R.  ... 
arXiv:2002.06465v3 fatcat:qndy4q57y5c2dodmymkv63acei

Dependent Information Flow Types

Luísa Lourenço, Luís Caires
2015 Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - POPL '15  
In this paper, we develop a novel notion of dependent information flow types.  ...  Dependent information flow types fit within the standard framework of dependent type theory, but, unlike usual dependent types, crucially allow the security level of a type, rather than just the structural  ...  of value dependent information classification.  ... 
doi:10.1145/2676726.2676994 dblp:conf/popl/LourencoC15 fatcat:mp4lyjxnr5htjjhogdqdoewt4i

Possibilistic Information Flow Control for Workflow Management Systems

Thomas Bauereiss, Dieter Hutter
2014 Electronic Proceedings in Theoretical Computer Science  
We describe how a compositional verification methodology for possibilistic information flow can be adapted to verify that a specification of a distributed workflow management system satisfies security  ...  For this purpose, we define the semantics of a workflow as a state-event system and formalise security properties in a trace-based way, i.e. on an abstract level without depending on details of enforcement  ...  Acknowledgements We thank Richard Gay, Sylvia Grewe, Steffen Lortz, Heiko Mantel and Henning Sudbrock for providing a formalisation of the MAKS framework in Isabelle/HOL that allowed us to verify our main  ... 
doi:10.4204/eptcs.148.4 fatcat:2hefu3pau5e6rjhgm53ggxbj7u

Real-time information flow analysis

R. Focardi, R. Gorrieri, F. Martinelli
2003 IEEE Journal on Selected Areas in Communications  
In previous work, we have studied some noninterference properties for information flow analysis in computer systems on classic (possibilistic) labeled transition systems.  ...  He has authored more than 90 papers on formal methods, theory of concurrency, and foundations of security.  ...  SECURITY PROPERTIES IN A REAL-TIME SETTING In this section, we present some information flow security properties.  ... 
doi:10.1109/jsac.2002.806122 fatcat:pawjn72wkvcrtpt4hssdokiuk4

Secure information flow and program logics

Lennart Beringer, Martin Hofmann
2007 Computer Security Foundations Workshop (CSFW), Proceedings of the IEEE  
We present interpretations of type systems for secure information flow in Hoare logic, complementing previous encodings in binary (e.g. relational) program logics.  ...  certify the absence of illicit flows.  ...  Acknowledgements This work was supported in part by the Information Society Technologies programme of the European Commission, Future and Emerging Technologies under the IST-2005-015905 MOBIUS project,  ... 
doi:10.1109/csf.2007.30 dblp:conf/csfw/BeringerH07 fatcat:ig3kwrdrwzdnlkmkmvqwoki3ce

A verified information-flow architecture

Arthur Azevedo de Amorim, Nathan Collins, André DeHon, Delphine Demange, Cătălin Hriţcu, David Pichardie, Benjamin C. Pierce, Randy Pollack, Andrew Tolmach
2016 Journal of Computer Security  
SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows.  ...  We present a formal, machine-checked model of the key hardware and software mechanisms used to control information flow in SAFE and an end-to-end proof of noninterference for this model.  ...  The views expressed are those of the authors and do not reflect the official policy or position of the Department of Defense or the U.S. Government.  ... 
doi:10.3233/jcs-15784 fatcat:2gzaehcyhvbknd36qivbp3dtym

A verified information-flow architecture

Arthur Azevedo de Amorim, Nathan Collins, André DeHon, Delphine Demange, Cătălin Hriţcu, David Pichardie, Benjamin C. Pierce, Randy Pollack, Andrew Tolmach
2014 Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - POPL '14  
SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows.  ...  We present a formal, machine-checked model of the key hardware and software mechanisms used to control information flow in SAFE and an end-to-end proof of noninterference for this model.  ...  The views expressed are those of the authors and do not reflect the official policy or position of the Department of Defense or the U.S. Government.  ... 
doi:10.1145/2535838.2535839 dblp:conf/popl/AmorimCDDHPPPT14 fatcat:caghr7pxirdnfhhgs7seyz7jgu

A Verified Information-Flow Architecture [article]

Arthur Azevedo de Amorim, Nathan Collins, André DeHon, Delphine Demange, Catalin Hritcu, David Pichardie, Benjamin C. Pierce, Randy Pollack, Andrew Tolmach
2016 arXiv   pre-print
SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows.  ...  We use an intermediate layer in the refinement chain that factors out the details of the information-flow control policy and devise a code generator for compiling such information-flow policies into low-level  ...  up information-flow tracking [16].  ... 
arXiv:1509.06503v2 fatcat:ajryc67ilzhqbg2l435lpazaki

A lattice model of secure information flow

Dorothy E. Denning
1976 Communications of the ACM  
The model provides a unifying view of all systems that restrict information flow, enables a classification of them according to security objectives, and suggests some new approaches.  ...  The lattice properties permit concise formulations of the security requirements of different existing systems and facilitate the construction of mechanisms that enforce security.  ...  Finally, I wish I knew who the referees were so I could thank them personally!  ... 
doi:10.1145/360051.360056 fatcat:muxc35byozhtlei3u4px6qik2e

Quantitative information flow as safety and liveness hyperproperties

Hirotoshi Yasuoka, Tachio Terauchi
2014 Theoretical Computer Science  
The results of this paper unify and extend the previous results on the hardness of checking and inferring quantitative information flow.  ...  We employ Clarkson and Schneider's "hyperproperties" to classify various verification problems of quantitative information flow.  ...  In essence, quantitative information flow measures how secure, or insecure, a program (or a part of a program -e.g., a variable-) is.  ... 
doi:10.1016/j.tcs.2013.07.031 fatcat:ofigo4ltmjeqjl6ay6m3tzgf3a

Quantitative Information Flow as Safety and Liveness Hyperproperties

Hirotoshi Yasuoka, Tachio Terauchi
2012 Electronic Proceedings in Theoretical Computer Science  
The results of this paper unify and extend the previous results on the hardness of checking and inferring quantitative information flow.  ...  We employ Clarkson and Schneider's "hyperproperties" to classify various verification problems of quantitative information flow.  ...  In essence, quantitative information flow measures how secure, or insecure, a program (or a part of a program -e.g., a variable-) is.  ... 
doi:10.4204/eptcs.85.6 fatcat:bvqvo22bvrbmta75nnzz3nqisy