Abstract
The development of formal security models is a difficult, time-consuming, and expensive task. This development burden can be considerably reduced by using generic security models. In a security model, confidentiality as well as integrity requirements can be expressed by restrictions on the information flow. Generic models for controlling information flow in distributed systems have been thoroughly investigated. Nevertheless, the known approaches cannot cope with common features of secure distributed systems like channel control, information filters, or explicit downgrading. This limitation caused a major gap which has prevented the migration of a large body of research into practice. To bridge this gap is the main goal of this article.
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mantel, H. (2001). Information Flow Control and Applications — Bridging a Gap —. In: Oliveira, J.N., Zave, P. (eds) FME 2001: Formal Methods for Increasing Software Productivity. FME 2001. Lecture Notes in Computer Science, vol 2021. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45251-6_9
DOI: https://doi.org/10.1007/3-540-45251-6_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41791-0
Online ISBN: 978-3-540-45251-5
eBook Packages: Springer Book Archive