Non-Interference Through Determinism
Authors
Abstract
The standard approach to the specification of a secure system is to present a (usually state-based) abstract security model separately from the specification of the system's functional requirements, and to establish a correspondence between the two specifications. This complex treatment has resulted in development methods distinct from those usually advocated for general applications. We provide a novel and intellectually satisfying formulation of security properties in a process algebraic framework, and show that these are preserved under refinement. We relate the results to a more familiar state-based (Z) specification methodology. There are efficient algorithms for verifying our security properties using model checking.
Similar references
Checking Non-Interference in SPMD Programs
We study one of the basic multicore and GPU programming models, namely, SPMD (Single-Program Multiple-Data) programs. We define a formal model of SPMD programs based on interleaving threads that manipulate global and local arrays, and synchronize via barriers. SPMD programs are written with the intention to be deterministic, although programming errors may result in this not being true. SPMD pr...
A Genealogy of Non-Interference
Non-interference is intended to capture the idea that one user's interaction with a system should not causally affect any observations of the system that can be made by another user. Thus the latter user should be unable to infer anything from observations of the system about the actual behaviour of the former. As such it is a central concept in security modelling. Ever since Goguen and Mesegu...
Checking Equivalence of SPMD Programs Using Non-Interference
We study one of the basic multicore and GPU programming models, namely, SPMD (Single-Program Multiple-Data) programs. We define a formal model of SPMD programs based on interleaving threads that manipulate global and local arrays, and synchronize via barriers. SPMD programs are written with the intention to be deterministic, although programming errors may result in this not being true. SPMD pr...
Composing and decomposing systems under security properties
We investigate the formal relationship between separability of processes and the types of non-interference properties they enjoy. Though intuitively appealing, separability – the ability to define a process as a parallel composition of disjoint components – alone cannot adequately prove the absence of information flow. We present a number of laws for the composition of secure systems, and an ex...
Relational Verification Using Product Programs
Relational program logics are formalisms for specifying and verifying properties about two programs or two runs of the same program. These properties range from correctness of compiler optimizations or equivalence between two implementations of an abstract data type, to properties like non-interference or determinism. Yet the current technology for relational verification remains underdeveloped...
Journal: Journal of Computer Security
Volume 4, Issue
Pages: -
Publication date: 1994