2014
DOI: 10.1007/978-3-642-54848-2_1

Model-Driven Information Flow Security for Component-Based Systems

Abstract: This paper proposes a formal framework for studying information flow security in component-based systems. The security policy is defined and verified from the early steps of the system design. Two kinds of non-interference properties are formally introduced and for both of them, sufficient conditions that ensure and simplify the automated verification are proposed. The verification is compositional, first locally, by checking the behavior of every atomic component and then globally, by checking th…

Cited by 15 publications (12 citation statements)
References 22 publications
“…Thus, any use request should be followed by an evaluation of all policy rules in all uses in the system to avoid conflicts and violations. Finally, we are considering frameworks, such as secBIP [9], that will allow us to compositionally analyse security properties and generate secure-by-construction systems. Also, we would like to explore guaranteeing security properties by-construction for any number of uses in our model through the application of architectures from predefined architecture styles [7] that capture properties of specific access and usage control policies.…”
Section: Discussion (mentioning)
confidence: 99%
“…We also plan to specialize the approach presented in this paper to security-oriented properties. For instance, we will inspire from runtime enforcement of opacity properties for monolithic systems [27] and apply it to secureBIP [41], a secured version of the BIP framework.…”
Section: Perspectives (mentioning)
confidence: 99%
“…The proposed model is general enough to deal with information flow security from a practical point of view for commonly used programming languages and/or modeling frameworks such as BPEL. Nevertheless, it should be mentioned that this model is actually a strict subset of the secureBIP component model previously introduced in [6,7]. The latter considers additional coordination mechanisms through multiparty interactions as well as different definitions of non-interference.…”
Section: Component-based Model (mentioning)
confidence: 99%
“…(Sketch) It can be shown that the conditions above imply the unwinding conditions of [8] for indistinguishability ≈ s at security level s. In turn, unwinding conditions are guaranteeing non-interference and therefore security as defined in Definition 1. A detailed proof is available in [6,7] for a slightly more general component-based model allowing multiparty interactions between components.…”
Section: Security Model (mentioning)
confidence: 99%