
Idea: Enforcing Security Properties by Solving Behavioural Equations

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9639)

Abstract

We present a novel theory of security property enforcement based on universal coalgebra and coinductive calculus. As an example, we show that it is possible to define sound and transparent runtime enforcers for noninterference using behavioural equations, and we preliminarily validate our approach by means of a Haskell implementation.
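The abstract describes runtime enforcers for noninterference defined by behavioural equations over a coalgebraic model, with a Haskell implementation. The block below is an added illustration of those ideas and is not code from the paper (this page shows only the abstract, not the authors' definitions). It models streams as the final coalgebra of `X -> A x X`, a reactive system as a Mealy-style coalgebra `Sys`, a finite-prefix check of noninterference over low-equivalent input streams, and an enforcer `enforce` defined coinductively so that the wrapped system only ever sees the low projection of its input. That "replace High inputs by a default" construction is the low-copy idea from secure multi-execution (Devriese and Piessens), used here as a stand-in for the paper's own equation-solving construction. All names (`Sys`, `run`, `enforce`, `noninterferingUpTo`, `leaky`, `secure`) and the two sample input streams are constructed for this example.

```haskell
-- Added example, not code from the paper: a coinductive stream model of a
-- reactive system, a leaky system, a finite noninterference check, and an
-- enforcer that makes the leaky system noninterfering by construction.
-- The low-projection trick is the "low copy" of secure multi-execution and
-- stands in for the paper's own behavioural-equation construction.
module Main where

-- Infinite streams: the final coalgebra of  X -> A x X.
data Stream a = a :> Stream a
infixr 5 :>

-- Finite observation of a stream (used only to test prefixes).
takeS :: Int -> Stream a -> [a]
takeS 0 _         = []
takeS n (x :> xs) = x : takeS (n - 1) xs

-- Build a stream from a non-empty list, repeating the last element forever.
fromList :: [a] -> Stream a
fromList [x]      = x :> fromList [x]
fromList (x : xs) = x :> fromList xs
fromList []       = error "fromList: empty list"

-- Security levels and input events (assumed two-level lattice).
data Level = Low | High deriving (Eq, Show)
data Event = Event { level :: Level, value :: Int } deriving (Eq, Show)

-- A reactive system as a Mealy coalgebra: each step consumes an event and
-- produces one Low-observable output together with the next state.
newtype Sys = Sys { step :: Event -> (Int, Sys) }

-- Behavioural equation for running a system on an input stream:
--   run s (e :> es) = o :> run s' es   where (o, s') = step s e
run :: Sys -> Stream Event -> Stream Int
run s (e :> es) = let (o, s') = step s e in o :> run s' es

-- Low-equivalence of events: same level, same Low value; High values are free.
lowEq :: Event -> Event -> Bool
lowEq a b = level a == level b && (level a == High || value a == value b)

-- Noninterference on an n-step prefix: low-equivalent input streams must
-- yield identical Low-observable output prefixes.  A finite check, not a proof.
noninterferingUpTo :: Int -> Sys -> Stream Event -> Stream Event -> Bool
noninterferingUpTo n s xs ys =
  and (zipWith lowEq (takeS n xs) (takeS n ys))
    && takeS n (run s xs) == takeS n (run s ys)

-- A leaky system: outputs the running sum of every value seen, High included.
leaky :: Sys
leaky = go 0
  where
    go acc = Sys $ \e -> let acc' = acc + value e in (acc', go acc')

-- A system that ignores High inputs, hence already noninterfering.
secure :: Sys
secure = go 0
  where
    go acc = Sys $ \e ->
      let acc' = if level e == Low then acc + value e else acc
       in (acc', go acc')

-- The enforcer, defined coinductively: at every step the enforced system
-- behaves like the original run on the low-projected event, so its outputs
-- are a function of Low inputs only (sound by construction).  A system that
-- never reads High values produces exactly its original outputs (transparent).
enforce :: Sys -> Sys
enforce s = Sys $ \e ->
  let (o, s') = step s (lowProject e)
   in (o, enforce s')
  where
    lowProject e
      | level e == High = e { value = 0 }
      | otherwise       = e

-- Constructed inputs: identical Low traffic, different High secrets.
inputA, inputB :: Stream Event
inputA = fromList [Event Low 1, Event High 7, Event Low 2, Event High 9, Event Low 3]
inputB = fromList [Event Low 1, Event High 4, Event Low 2, Event High 0, Event Low 3]

main :: IO ()
main = do
  print (takeS 5 (run leaky inputA))
  print (takeS 5 (run leaky inputB))
  print (noninterferingUpTo 5 leaky inputA inputB)
  print (noninterferingUpTo 5 (enforce leaky) inputA inputB)
  print (takeS 5 (run (enforce secure) inputA) == takeS 5 (run secure inputA))
```

Running `main` shows the two output prefixes of `leaky` diverging on low-equivalent inputs, the prefix check failing for `leaky` and passing for `enforce leaky`, and the transparency check passing for `secure`. Soundness here follows from the shape of `enforce` (outputs depend on the low projection alone); transparency is only guaranteed for systems that never read High values, and `noninterferingUpTo` inspects finitely many steps, so a passing check is evidence rather than a proof for an arbitrary system.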



Acknowledgements

This work was partially supported by the European Commission funded project BIOMICS, Grant no. 318202.

Author information


Correspondence to Eric Rothstein Morris.


Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Rothstein Morris, E., Posegga, J. (2016). Idea: Enforcing Security Properties by Solving Behavioural Equations. In: Caballero, J., Bodden, E., Athanasopoulos, E. (eds) Engineering Secure Software and Systems. ESSoS 2016. Lecture Notes in Computer Science, vol. 9639. Springer, Cham. https://doi.org/10.1007/978-3-319-30806-7_17

  • DOI: https://doi.org/10.1007/978-3-319-30806-7_17

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-30805-0

  • Online ISBN: 978-3-319-30806-7
