Skip to main content
SpringerLink
Log in
SpringerLink
Log in

Information Flow, Distributed Systems, and Refinement, by Example

  • Chapter
  • First Online:
Concurrency, Security, and Puzzles

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 10160))

  • 740 Accesses

Abstract

Non-interference is one of the foundational notions of security stretching back to Goguen and Meseguer [3]. Roughly, a set of activities C is non-interfering with a set D if any possible behavior at D is compatible with anything that could have occurred at C. One also speaks of “no information flow” from C to D in this case. Many hands further developed the idea and its variants (e.g. [12, 15]), which also flourished within the process calculus context [1, 2, 6, 13]. A.W. Roscoe contributed a characteristically distinctive idea to this discussion, in collaboration with J. Woodcock and L. Wulf. The idea was that a system is secure for flow from C to D when, after hiding behaviors at the source C, the destination D experiences the system as deterministic [8, 11]. In the CSP tradition, a process is deterministic if, after engaging in a sequence t of events, it can refuse an event a, then it always refuses the event a after engaging in t [9].

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    By an interface, we just mean a set of channels, often but not necessarily near each other in the graph.

References

  1. Focardi, R., Gorrieri, R.: The compositional security checker: a tool for the verification of information flow security properties. IEEE Trans. Softw. Eng. 23(9), 550–571 (1997)

    Article  Google Scholar 

  2. Focardi, R., Gorrieri, R.: Classification of security properties. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 331–396. Springer, Heidelberg (2001). doi:10.1007/3-540-45608-2_6

    Chapter  Google Scholar 

  3. Goguen, J.A., Meseguer, J.: Security policies and security models. In: IEEE Symposium on Security and Privacy (1982)

    Google Scholar 

  4. Guttman, J.D., Rowe, P.D.: A cut principle for information flow. In: IEEE Computer Security Foundations. IEEE Computer Society Press, July 2015

    Google Scholar 

  5. Intel: Intel Software Guard Extensions (Intel SGX) (2016). https://software.intel.com/en-us/sgx

  6. Jacob, J.: Security specifications. In: IEEE Symposium on Security and Privacy, pp. 14–23. IEEE Computer Society (1988)

    Google Scholar 

  7. Morgan, C.: The Shadow Knows: refinement of ignorance in sequential programs. In: Uustalu, T. (ed.) MPC 2006. LNCS, vol. 4014, pp. 359–378. Springer, Heidelberg (2006). doi:10.1007/11783596_21

    Chapter  Google Scholar 

  8. Roscoe, A.W.: CSP and determinism in security modelling. In: IEEE Security and Privacy, pp. 114–127. IEEE (1995)

    Google Scholar 

  9. Roscoe, A.W.: The Theory and Practice of Concurrency. Prentice-Hall, Upper Saddle River (1997)

    Google Scholar 

  10. Roscoe, A.W., Goldsmith, M.H.: What is intransitive noninterference? In: 12th IEEE Computer Security Foundations Workshop, pp. 228–238. IEEE CS Press, June 1999

    Google Scholar 

  11. Roscoe, A.W., Woodcock, J.C.P., Wulf, L.: Non-interference through determinism. J. Comput. Secur. 4, 27–53 (1996)

    Article  Google Scholar 

  12. Rushby, J.: Noninterference, transitivity, and channel-control security policies. SRI International, Computer Science Laboratory (1992)

    Google Scholar 

  13. Ryan, P.Y.A.: A CSP formulation of noninterference and unwinding. IEEE CSFW 3, 19–30 (1990)

    Google Scholar 

  14. Sabelfeld, A., Sands, D.: Declassification: dimensions and principles. J. Comput. Secur. 17(5), 517–548 (2009)

    Article  Google Scholar 

  15. Sutherland, D.: A model of information. In: 9th National Computer Security Conference. National Institute of Standards and Technology (1986)

    Google Scholar 

Download references

Acknowledgments

I am grateful to Paul D. Rowe and John D. Ramsdell, with whom I discussed many of these ideas. In particular, John Ramsdell worked out the successive frame versions summarized in the figures.

Author information

Authors and Affiliations

  1. The MITRE Corporation, Bedford, Massachusetts, USA

    Joshua D. Guttman

  2. Worcester Polytechnic Institute, Worcester, Massachusetts, USA

    Joshua D. Guttman

Authors
  1. Joshua D. Guttman
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Joshua D. Guttman .

Editor information

Editors and Affiliations

  1. University of Oxford, Oxford, United Kingdom

    Thomas Gibson-Robinson

  2. University of Oxford, Oxford, United Kingdom

    Philippa Hopcroft

  3. University of Warwick, Coventry, United Kingdom

    Ranko Lazić

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this chapter

Cite this chapter

Guttman, J.D. (2017). Information Flow, Distributed Systems, and Refinement, by Example. In: Gibson-Robinson, T., Hopcroft, P., Lazić, R. (eds) Concurrency, Security, and Puzzles. Lecture Notes in Computer Science(), vol 10160. Springer, Cham. https://doi.org/10.1007/978-3-319-51046-0_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-51046-0_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-51045-3

  • Online ISBN: 978-3-319-51046-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation