Dynamic intransitive noninterference revisited

From MaRDI portal


DOI10.1007/S00165-017-0430-6MaRDI QIDQ1688559zbMATH OpenOpenAlexFDO

Authors Sebastian Eggert, Ron van der Meyden

Publication date 8 January 2018

Published in Formal Aspects of Computing (Search for Journal in Brave)

Full work available at URL https://arxiv.org/abs/1601.05187


zbMATH Keywords

securityinformation flowaccess controlproof techniques

Mathematics Subject Classification ID

Formal languages and automata (68Q45) Coding and information theory (compaction, compression, models of communication, encoding schemes, etc.) (aspects in computer science) (68P30)


Abstract: The paper studies dynamic information flow security policies in an automaton-based model. Two semantic interpretations of such policies are developed, both of which generalize the notion of TA-security [van der Meyden ESORICS 2007] for static intransitive noninterference policies. One of the interpretations focuses on information flows permitted by policy edges, the other focuses on prohibitions implied by absence of policy edges. In general, the two interpretations differ, but necessary and sufficient conditions are identified for the two interpretations to be equivalent. Sound and complete proof techniques are developed for both interpretations. Two applications of the theory are presented. The first is a general result showing that access control mechanisms are able to enforce a dynamic information flow policy. The second is a simple capability system motivated by the Flume operating system.


Recommendations


Cites work


Cited in
(12)






This page was built for publication: Dynamic intransitive noninterference revisited

Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q1688559)

Retrieved from "https://portal.mardi4nfdi.de/w/index.php?title=Dynamic_intransitive_noninterference_revisited&oldid=72516573"
Powered by MediaWiki