Possibilistic Information Flow Control
Author
Abstract
Distributed systems make increasing use of encrypted channels to enable confidential communication. While non-interference provides suitable means to investigate the flow of information within distributed systems, it has proved rather difficult to capture the notion of encrypted channels in such a framework. In this paper, we extend the framework MAKS for possibilistic information flow in order to distinguish between the information flow due to the fact that a message has been sent and the flow that is due to the actual content of the message. We introduce an equivalence relation on observable events to identify those events an observer cannot distinguish, and provide reduction techniques that enable us to prove the security of such systems with the help of existing unwinding techniques.
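The distinction the abstract draws, illustrated with an added example that is not code from the paper or from the MAKS project: a small Python checker for Mantel's Backwards Strict Deletion (BSD) property from MAKS, adapted so that the observer's view of visible events is taken through a canonicalisation function standing in for the abstract's equivalence relation on observable events. Two constructed systems are compared: one that always sends a message carrying its current secret (default 0), and one that sends only when the secret bit is 1. With the cleartext view, the first system leaks the secret through message content; with the encrypted view (content collapsed, occurrence kept) it passes, while the second system still fails because the mere occurrence of a send reveals the secret. The event encoding, the default-content modelling and the way the view is folded into BSD are assumptions for illustration, not the paper's definitions.

```python
"""Added example: a MAKS-style possibilistic information-flow check (BSD)
with an observer view that hides message content on an encrypted channel.
Illustrative reconstruction; not the paper's own definitions."""


def prefix_closed(full_traces):
    """MAKS event systems have prefix-closed trace sets; build one from
    the maximal traces listed for each sample system."""
    out = set()
    for t in full_traces:
        for k in range(len(t) + 1):
            out.add(tuple(t[:k]))
    return out


def bsd_holds(traces, is_confidential, is_visible, canon):
    """Backwards Strict Deletion, adapted with an observer view.

    For every trace beta.c.alpha in Tr with c confidential and alpha free of
    confidential events, some beta.alpha' must be in Tr with alpha' free of
    confidential events and view(alpha') == view(alpha).  The view projects
    onto visible events and maps each through `canon`, which encodes which
    visible events the observer cannot tell apart (assumed encoding of the
    equivalence relation).  Returns (True, None) or (False, failing_trace).
    """
    tr = set(traces)

    def view(seq):
        return tuple(canon(e) for e in seq if is_visible(e))

    def no_confidential(seq):
        return not any(is_confidential(e) for e in seq)

    for t in sorted(tr, key=repr):          # deterministic witness
        for i, c in enumerate(t):
            if not is_confidential(c):
                continue
            beta, alpha = t[:i], t[i + 1:]
            if not no_confidential(alpha):
                continue
            target = view(alpha)
            if not any(u[:i] == beta and no_confidential(u[i:])
                       and view(u[i:]) == target for u in tr):
                return False, t
    return True, None


# Event encoding (assumed): a confidential input of secret bit s, and a
# visible send of content s on the single channel "chan".
def hin(s):
    return ("hin", s)


def send(s):
    return ("send", "chan", s)


def is_confidential(e):
    return e[0] == "hin"


def is_visible(e):
    return e[0] == "send"


def plaintext_view(e):
    """Cleartext channel: the observer sees the send and its content."""
    return e


def encrypted_view(e):
    """Encrypted channel: the observer sees that a message was sent on the
    channel but not its content; sends of different contents are equated."""
    return (e[0], e[1]) if e[0] == "send" else e


# Constructed sample systems (maximal traces; prefixes are added).
# ALWAYS_SENDS: a message carrying the current secret (default 0) is
# always sent, whether or not a secret was supplied.
ALWAYS_SENDS = prefix_closed([
    (send(0),),
    (hin(0), send(0)),
    (hin(1), send(1)),
])

# SENDS_IF_SET: a message is sent only when the secret bit is 1, so the
# occurrence of a send alone reveals the secret, encrypted or not.
SENDS_IF_SET = prefix_closed([
    (hin(0),),
    (hin(1), send(1)),
])


def check(system, canon):
    """True iff the adapted BSD property holds for `system` under `canon`."""
    return bsd_holds(system, is_confidential, is_visible, canon)[0]


if __name__ == "__main__":
    print("always-sends, cleartext:", check(ALWAYS_SENDS, plaintext_view))  # False: content leaks
    print("always-sends, encrypted:", check(ALWAYS_SENDS, encrypted_view))  # True
    print("sends-if-set, encrypted:", check(SENDS_IF_SET, encrypted_view))  # False: occurrence leaks
```

The failing trace returned by `bsd_holds` names the confidential event whose deletion the observer could detect; for `SENDS_IF_SET` under the encrypted view it is the trace in which the secret 1 is followed by a send, since no trace without a confidential event shows a send at all.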
Similar sources
Possibilistic Information Flow Control in MAKS and Action Refinement
Formal methods emphasizes the need for a top-down approach when developing large reliable software systems. Refinements are used to map step by step abstract algebraic specifications to executable specifications. Action refinements are used to add detailed design information to abstract actions. Information flow control is used to specify and verify the admissible flow of confidential informati...
Possibilistic Information Flow Control for Workflow Management Systems
In workflows and business processes, there are often security requirements on both the data, i.e. confidentiality and integrity, and the process, e.g. separation of duty. Graphical notations exist for specifying both workflows and associated security requirements. We present an approach for formally verifying that a workflow satisfies such security requirements. For this purpose, we define the ...
Towards Using Possibilistic Information Flow Control
We show how security requirements, in particular confidentiality requirements, for a whole multiagent system can formally be decomposed into confidentiality requirements for the agents. The decomposition assumes that there is some control over, or trust in, a subset of the agents and that the platform is trusted to satisfy certain reasonable assumptions. It is generic over the internal executio...
Flow Line Systems with Possibilistic Data: a System with Waiting Time in Line Uncertain
This paper proposes to analyze two flow line systems in which we include possibilistic data (the priority discipline is possibilistic instead of probabilistic) and measure the performance of the systems with the effectiveness measure "waiting time in queue". In a previous work we have analyzed and developed a queuing model with uncertain priority discipline, using Zadeh's extension principle. Be...
Compatibility of Safety Properties and Possibilistic Information Flow Security in MAKS
Motivated by typical security requirements of workflow management systems, we consider the integrated verification of both safety properties (e.g. separation of duty) and information flow security predicates of the MAKS framework (e.g. modeling confidentiality requirements). Due to the refinement paradox, enforcement of safety properties might violate possibilistic information flow properties o...