A Uniform Presentation of Confidentiality Properties
November 1991 (vol. 17 no. 11)
pp. 1186-1194

Security (in the sense of confidentiality) properties are properties of shared systems. A suitable model of shared systems, in which one can formally define the term security property and then proceed to catalog several security properties, is presented. The purpose is to present various information-flow properties in a manner that exposes their differences and similarities. Abstraction is the main tool, and everything that is not central to the purpose is discarded. The presentation is generic in the model of computation. The abstraction lays bare a regular structure into which many interesting information-flow properties fall. A shared system is represented by a relation. How this model lets one reason about information flow is discussed and the term information flow property is formally defined. Various information-flow properties are described. Composability and probabilistic security properties are addressed.

Index Terms:
composability; confidentiality properties; security property; information-flow properties; probabilistic security properties; security of data
Citation:
J. Jacob, "A Uniform Presentation of Confidentiality Properties," IEEE Transactions on Software Engineering, vol. 17, no. 11, pp. 1186-1194, Nov. 1991, doi:10.1109/32.106973