Possibilistic definitions of security-an assembly kit

H. Mantel
Proceedings of the 13th IEEE Computer Security Foundations Workshop (CSFW-13), 2000
We present a framework in which different notions of security can be defined in a uniform and modular way. Each definition of security is formalized as a security predicate by assembling more primitive basic security predicates. A collection of such basic security predicates is defined, and we demonstrate how well-known concepts like generalized non-interference or separability can be constructed from them. The framework is open and can be extended with new basic security predicates using a general schema. We investigate the compatibility of the assembled definitions with system properties apart from security and propose a new definition of security which does not restrict non-critical information flow. It turns out that the modularity of our framework simplifies these investigations. Finally, we discuss the stepwise development of secure systems.

Theorem 4. RE, RI, SRI, DE, DI, BSDI, and SDI are ordered by implication as depicted in Figure 2.

Proof. SDI ⇒ SRI and DI ⇒ RI are proved by induction on the number of high-level input events, DE ⇒ RE by induction on the number of high-level events, and DE
doi:10.1109/csfw.2000.856936 dblp:conf/csfw/Mantel00 fatcat:2rjzgpyewfbpbhwgzl24ocqlxi
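The abstract's central idea is that a possibilistic security predicate is a conjunction of basic security predicates (BSPs), each a closure condition on the set of traces of a system. The following is an added illustration of that assembly idea, written for this page; it is not code from the paper. The three BSPs it uses (removal of all high-level events, deletion of a high-level input, insertion of a high-level input) are simplified forms of the kind of condition the paper assembles, not Mantel's exact definitions, and the predicate names `NONINFERENCE_LIKE` and `GNI_LIKE` are this example's own labels rather than the paper's. The event alphabet, the two state machines and the length bound are constructed for the example; because the trace sets are only explored up to a bound, the insertion check is a bounded model check, which is stated in its docstring.

```python
"""
Bounded check of possibilistic security predicates assembled from
basic security predicates (BSPs) as closure conditions on trace sets.

Added illustration, not code from the paper. The three BSPs below
(removal of high events, deletion of a high input, insertion of a high
input) are simplified forms of the kind of condition the paper assembles,
not Mantel's exact definitions; the event names and the two example
systems are constructed for this example.
"""

# Events are (level, kind, name). Constructed alphabet; it has no high
# outputs, so the "correction" of high outputs that deletion/insertion
# conditions usually permit has nothing to act on here.
HI  = ("high", "in",  "hi")    # high-level input (the secret)
LI  = ("low",  "in",  "li")    # low-level input
LO0 = ("low",  "out", "lo0")   # low-level outputs
LO1 = ("low",  "out", "lo1")
ALPHABET = (HI, LI, LO0, LO1)
HIGH_INPUTS = (HI,)

def is_high(e):        return e[0] == "high"
def is_high_input(e):  return e[0] == "high" and e[1] == "in"
def low_view(t):       return tuple(e for e in t if not is_high(e))
def no_high_inputs(t): return not any(is_high_input(e) for e in t)

def traces(step, init, bound):
    """All traces of length <= bound of a (possibly nondeterministic) state
    machine; step(state, event) returns the set of successor states, the
    empty set meaning the event is refused in that state."""
    result, frontier = {()}, {((), init)}
    for _ in range(bound):
        nxt = {(tr + (e,), s2) for tr, s in frontier
               for e in ALPHABET for s2 in step(s, e)}
        result |= {tr for tr, _ in nxt}
        frontier = nxt
    return result

# --- Basic security predicates, checked on a bounded trace set ------------

def removal(Tr, bound):
    """R: purging every high event from a trace leaves a possible trace."""
    return all(low_view(t) in Tr for t in Tr)

def _continuation(Tr, alpha, beta):
    """Is there a beta' with no high inputs and the same low view as beta
    such that alpha.beta' is a trace?"""
    n = len(alpha)
    return any(t[:n] == alpha and no_high_inputs(t[n:])
               and low_view(t[n:]) == low_view(beta) for t in Tr)

def deletion(Tr, bound):
    """D: the last high input of a trace can be deleted without changing
    the low view of what follows it."""
    for t in Tr:
        for i, e in enumerate(t):
            if is_high_input(e) and no_high_inputs(t[i + 1:]):
                if not _continuation(Tr, t[:i], t[i + 1:]):
                    return False
    return True

def insertion(Tr, bound):
    """I: a high input can be inserted at any point after which no high
    input occurs, without changing the low view of what follows. Only
    traces whose extension still fits in the bound are checked."""
    for t in Tr:
        if len(t) >= bound:
            continue
        for i in range(len(t) + 1):
            if no_high_inputs(t[i:]):
                for h in HIGH_INPUTS:
                    if not _continuation(Tr, t[:i] + (h,), t[i:]):
                        return False
    return True

def assemble(*bsps):
    """A security predicate is the conjunction of basic security predicates."""
    return lambda Tr, bound: all(b(Tr, bound) for b in bsps)

NONINFERENCE_LIKE = assemble(removal)              # purge-style predicate
GNI_LIKE          = assemble(deletion, insertion)  # delete/insert-style predicate

# --- Two constructed systems ----------------------------------------------

def leaky_step(seen_hi, e):
    """lo1 is only possible after hi, lo0 only before it: the low output
    reveals whether the high input happened."""
    if e == HI:  return {True}
    if e == LI:  return {seen_hi}
    if e == LO0: return set() if seen_hi else {seen_hi}
    if e == LO1: return {seen_hi} if seen_hi else set()
    return set()

def secure_step(state, e):
    """hi never influences low behaviour: lo0 always enabled, lo1 never."""
    return set() if e == LO1 else {state}

def check_system(step, init, bound=3):
    """Evaluate each BSP and each assembled predicate on the system."""
    Tr = traces(step, init, bound)
    return {name: pred(Tr, bound) for name, pred in
            [("R", removal), ("D", deletion), ("I", insertion),
             ("noninference-like", NONINFERENCE_LIKE), ("GNI-like", GNI_LIKE)]}

if __name__ == "__main__":
    print("leaky :", check_system(leaky_step, False))
    print("secure:", check_system(secure_step, None))
```

The leaky machine fails every BSP because the trace `hi.lo1` has no counterpart `lo1` without the high input, while the secure machine, whose low behaviour is independent of `hi`, satisfies all of them. The point of `assemble` is the modularity the abstract describes: a new notion of security is a different conjunction of the same building blocks, and a system can be checked against each block separately to see which one it violates.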