Abstract
Persistent BNDC (P_BNDC, for short) is a security property for processes in dynamic contexts, i.e., contexts that can be reconfigured at runtime. We study how to efficiently decide whether a process is P_BNDC. We exploit a characterization of P_BNDC through a suitable notion of weak bisimulation up to high-level actions. In the case of finite-state processes, we study two methods for computing the largest weak bisimulation up to high-level actions: (1) via characteristic formulae and model checking for the μ-calculus, and (2) via closure up to a set of actions and strong bisimulation. This second method seems particularly appealing: it can be performed using already existing tools at a low time complexity.
Partially supported by the MURST projects “Interpretazione astratta, type systems e analisi control-flow” and “Modelli formali per la sicurezza” and the EU Contract IST-2001-32617 “Models and Types for Security in Mobile Distributed Systems”.
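The abstract only names the decision method; the following is an added, self-contained illustration (not code from the paper or its authors) of what deciding P_BNDC on a finite-state process amounts to. It assumes the Focardi–Rossi characterization that a process E is P_BNDC iff E \ H (E with its high-level transitions deleted) is weakly bisimilar up to H to E itself, where the bisimulation "up to H" lets a high-level action on the E side be matched by zero or more τ steps on the other side, while low-level actions and τ are matched by the usual weak transitions with only τ as silent. The largest such relation is computed here by the naive greatest-fixpoint refinement over state pairs rather than by the paper's characteristic-formula or closure-plus-strong-bisimulation methods; the CCS-like processes E1 to E4 and the action names l, h, tau are constructed for the demo.

```python
"""Deciding P_BNDC on a finite LTS via the largest weak bisimulation up to
high-level actions (illustrative implementation, not the paper's code)."""

TAU = "tau"


class LTS:
    """Finite labelled transition system with a set of high-level actions H.
    Every action not in H and different from TAU is treated as low-level."""

    def __init__(self, states, transitions, high):
        self.states = frozenset(states)
        self.high = frozenset(high)
        self.succ = {s: set() for s in self.states}      # state -> {(action, target)}
        for s, a, t in transitions:
            self.succ[s].add((a, t))
        # tau_closure[s] = states reachable from s by zero or more TAU steps.
        # High actions are NOT silent here: that is what distinguishes the
        # "up to H" bisimulation from a comparison against E/H (hiding).
        self.tau_closure = {s: self._tau_closure(s) for s in self.states}

    def _tau_closure(self, s):
        seen, todo = {s}, [s]
        while todo:
            u = todo.pop()
            for a, v in self.succ[u]:
                if a == TAU and v not in seen:
                    seen.add(v)
                    todo.append(v)
        return frozenset(seen)

    def weak(self, s, a):
        """Targets of the weak transition s ==\\hat a==> t:
        tau* for a == TAU (s itself included), tau* a tau* otherwise."""
        if a == TAU:
            return self.tau_closure[s]
        targets = set()
        for u in self.tau_closure[s]:
            for b, v in self.succ[u]:
                if b == a:
                    targets |= self.tau_closure[v]
        return frozenset(targets)

    def restrict_high(self):
        """E \\ H: same states, every high-level transition removed."""
        kept = [(s, a, t) for s in self.states for a, t in self.succ[s]
                if a not in self.high]
        return LTS(self.states, kept, self.high)


def largest_bisim_up_to_high(e):
    """Greatest fixpoint: start from all pairs (state of E\\H, state of E) and
    drop pairs violating one of the three transfer conditions until stable."""
    f = e.restrict_high()
    rel = {(s, t) for s in f.states for t in e.states}

    def transfers(s, t):
        # (1) a move of E\H (low or tau) is matched by a weak move of E
        for a, s2 in f.succ[s]:
            if not any((s2, t2) in rel for t2 in e.weak(t, a)):
                return False
        for a, t2 in e.succ[t]:
            # (3) a high move of E is matched by \hat tau of E\H;
            # (2) a low or tau move of E by the same weak action of E\H
            targets = f.weak(s, TAU if a in e.high else a)
            if not any((s2, t2) in rel for s2 in targets):
                return False
        return True

    changed = True
    while changed:
        changed = False
        for pair in list(rel):
            if not transfers(*pair):
                rel.discard(pair)
                changed = True
    return rel


def is_p_bndc(e, init):
    """E is P_BNDC iff E\\H and E are weakly bisimilar up to H at the initial state."""
    return (init, init) in largest_bisim_up_to_high(e)


H = {"h"}
# Constructed examples (CCS-like notation, l low-level, h high-level):
# E1 = l.0 + h.l.0      secure: h does not change what a low observer can see
E1 = LTS({"E1", "A", "0"}, [("E1", "l", "0"), ("E1", "h", "A"), ("A", "l", "0")], H)
# E2 = l.0 + h.0        insecure: after h the low action l is no longer offered
E2 = LTS({"E2", "0"}, [("E2", "l", "0"), ("E2", "h", "0")], H)
# E3 = l.h.l.0          insecure only after the low step l: the reachable h.l.0 leaks
E3 = LTS({"E3", "B", "A", "0"}, [("E3", "l", "B"), ("B", "h", "A"), ("A", "l", "0")], H)
# E4 = tau.l.0 + h.l.0  secure: the high move is simulated by the internal tau
E4 = LTS({"E4", "A", "0"}, [("E4", TAU, "A"), ("E4", "h", "A"), ("A", "l", "0")], H)

if __name__ == "__main__":
    for name, e in [("E1", E1), ("E2", E2), ("E3", E3), ("E4", E4)]:
        print(name, "P_BNDC" if is_p_bndc(e, name) else "not P_BNDC")
```

E3 is the case the word "persistent" is about: at its initial state E3 \ H and E3 both simply offer l, so the leak is only detected because the relation must also hold at the pair of states reached after the low step, where h.l.0 has to be matched by the restricted process without any τ available. The pair-refinement loop is quadratic in the number of state pairs per iteration and is meant only to make the definition concrete; the paper's point is precisely that the same relation can be obtained more cheaply with existing model checkers or strong-bisimulation tools.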
© 2002 Springer-Verlag Berlin Heidelberg
Cite this paper
Focardi, R., Piazza, C., Rossi, S. (2002). Proofs Methods for Bisimulation Based Information Flow Security. In: Cortesi, A. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2002. Lecture Notes in Computer Science, vol 2294. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47813-2_2
DOI: https://doi.org/10.1007/3-540-47813-2_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43631-7
Online ISBN: 978-3-540-47813-3