When complex systems are constructed from simpler components it is important to know how properties of the components behave under composition. In this article, we present various compositionality results for security properties. In particular, we introduce a novel security property and show that this property is, in general, composable although it is weaker than forward correctability. Moreover, we demonstrate that certain nontrivial security properties emerge under composition and illustrate how this fact can be exploited. All compositionality results that we present are verified with the help of a single, quite powerful lemma. Based on this lemma, we also re-prove several already known compositionality results with the objective of unifying these results. As a side effect, we obtain a classification of known compositionality results for security properties.
Abstract: The idea of building secure systems by plugging together "secure" components is appealing, but this requires a definition of security which, in addition to taking care of top-level security goals, is strengthened appropriately in order to be compositional. This approach has been previously studied for information-flow security of shared-variable concurrent programs, but the price for compositionality is very high: a thread must be extremely pessimistic about what an environment might do with shared resources. This pessimism leads to many intuitively secure threads being labelled as insecure. Since in practice it is only meaningful to compose threads which follow an agreed protocol for data access, we take advantage of this to develop a more liberal compositional security condition. The idea is to give the security definition access to the intended pattern of data usage, as expressed by assumption-guarantee style conditions associated with each thread. We illustrate the improved precision by developing the first flow-sensitive security type system that provably enforces a noninterference-like property for concurrent programs.