Abstract
Non-interference is one of the foundational notions of security, stretching back to Goguen and Meseguer [3]. Roughly, a set of activities C is non-interfering with a set D if any possible behavior at D is compatible with anything that could have occurred at C. One also speaks of “no information flow” from C to D in this case. Many hands further developed the idea and its variants (e.g. [12, 15]), which also flourished within the process calculus context [1, 2, 6, 13]. A.W. Roscoe contributed a characteristically distinctive idea to this discussion, in collaboration with J. Woodcock and L. Wulf. The idea was that a system is secure for flow from C to D when, after hiding behaviors at the source C, the destination D experiences the system as deterministic [8, 11]. In the CSP tradition, a process is deterministic if, whenever it can refuse an event a after engaging in a sequence t of events, it always refuses a after engaging in t [9].
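The determinism criterion described above can be checked mechanically on a small model. The following is an added example, not code from the chapter: it assumes a finite, divergence-free labelled transition system, hides the events at C by treating them as internal steps, and observes refusals only in stable states; the function names and the two sample systems are hypothetical and constructed for illustration.

```python
from collections import deque

def tau_closure(lts, states, hidden):
    """All states reachable from `states` via hidden (now internal) events."""
    seen, todo = set(states), list(states)
    while todo:
        s = todo.pop()
        for ev, nxt in lts.get(s, []):
            if ev in hidden and nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return frozenset(seen)

def find_nondeterminism(lts, start, hidden):
    """Return (trace, event) where event can be both accepted and refused after
    trace once `hidden` events are concealed, or None if deterministic."""
    visible = {ev for trans in lts.values() for ev, _ in trans} - set(hidden)
    first = tau_closure(lts, {start}, hidden)
    queue, seen = deque([((), first)]), {first}
    while queue:
        trace, states = queue.popleft()
        # Refusals are observed only in stable states (no hidden event enabled).
        stable = [s for s in states
                  if not any(ev in hidden for ev, _ in lts.get(s, []))]
        for a in sorted(visible):
            succ = {n for s in states for ev, n in lts.get(s, []) if ev == a}
            if not succ:
                continue  # a is not possible after this trace
            if any(all(ev != a for ev, _ in lts.get(s, [])) for s in stable):
                return trace, a  # a is possible after trace, yet refusable
            nxt = tau_closure(lts, succ, hidden)
            if nxt not in seen:
                seen.add(nxt)
                queue.append((trace + (a,), nxt))
    return None

# Constructed systems: h* are events at the source C, l* are events at D.
# In LEAKY the event D sees depends on which h* occurred; in SAFE it does not.
LEAKY = {0: [("h1", 1), ("h2", 2)], 1: [("l1", 3)], 2: [("l2", 3)]}
SAFE = {0: [("h1", 1), ("h2", 2)], 1: [("l1", 3)], 2: [("l1", 3)]}
HIGH = {"h1", "h2"}

if __name__ == "__main__":
    print("LEAKY:", find_nondeterminism(LEAKY, 0, HIGH))
    print("SAFE: ", find_nondeterminism(SAFE, 0, HIGH))
```

A returned witness is a trace at D after which D's observations depend on a choice made at C, which is the flow the criterion rules out.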
Notes
1. By an interface, we just mean a set of channels, often but not necessarily near each other in the graph.
References
1. Focardi, R., Gorrieri, R.: The compositional security checker: a tool for the verification of information flow security properties. IEEE Trans. Softw. Eng. 23(9), 550–571 (1997)
2. Focardi, R., Gorrieri, R.: Classification of security properties. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 331–396. Springer, Heidelberg (2001). doi:10.1007/3-540-45608-2_6
3. Goguen, J.A., Meseguer, J.: Security policies and security models. In: IEEE Symposium on Security and Privacy (1982)
4. Guttman, J.D., Rowe, P.D.: A cut principle for information flow. In: IEEE Computer Security Foundations. IEEE Computer Society Press, July 2015
5. Intel: Intel Software Guard Extensions (Intel SGX) (2016). https://software.intel.com/en-us/sgx
6. Jacob, J.: Security specifications. In: IEEE Symposium on Security and Privacy, pp. 14–23. IEEE Computer Society (1988)
7. Morgan, C.: The Shadow Knows: refinement of ignorance in sequential programs. In: Uustalu, T. (ed.) MPC 2006. LNCS, vol. 4014, pp. 359–378. Springer, Heidelberg (2006). doi:10.1007/11783596_21
8. Roscoe, A.W.: CSP and determinism in security modelling. In: IEEE Security and Privacy, pp. 114–127. IEEE (1995)
9. Roscoe, A.W.: The Theory and Practice of Concurrency. Prentice-Hall, Upper Saddle River (1997)
10. Roscoe, A.W., Goldsmith, M.H.: What is intransitive noninterference? In: 12th IEEE Computer Security Foundations Workshop, pp. 228–238. IEEE CS Press, June 1999
11. Roscoe, A.W., Woodcock, J.C.P., Wulf, L.: Non-interference through determinism. J. Comput. Secur. 4, 27–53 (1996)
12. Rushby, J.: Noninterference, transitivity, and channel-control security policies. SRI International, Computer Science Laboratory (1992)
13. Ryan, P.Y.A.: A CSP formulation of noninterference and unwinding. IEEE CSFW 3, 19–30 (1990)
14. Sabelfeld, A., Sands, D.: Declassification: dimensions and principles. J. Comput. Secur. 17(5), 517–548 (2009)
15. Sutherland, D.: A model of information. In: 9th National Computer Security Conference. National Institute of Standards and Technology (1986)
Acknowledgments
I am grateful to Paul D. Rowe and John D. Ramsdell, with whom I discussed many of these ideas. In particular, John Ramsdell worked out the successive frame versions summarized in the figures.
Copyright information
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Guttman, J.D. (2017). Information Flow, Distributed Systems, and Refinement, by Example. In: Gibson-Robinson, T., Hopcroft, P., Lazić, R. (eds) Concurrency, Security, and Puzzles. Lecture Notes in Computer Science, vol 10160. Springer, Cham. https://doi.org/10.1007/978-3-319-51046-0_5
DOI: https://doi.org/10.1007/978-3-319-51046-0_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-51045-3
Online ISBN: 978-3-319-51046-0
eBook Packages: Computer Science, Computer Science (R0)