How and why feedback composition fails [secure systems]

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by A. Zakinthinos Articles by E.S. Lee

Ninth IEEE Computer Security Foundations Workshop

Dromquinna Manor, Kenmare, County Kerry, Ireland

March 10-March 12

ISBN: 0-8186-7522-5

	ASCII Text	x
	A. Zakinthinos, E.S. Lee, "How and why feedback composition fails [secure systems]," Computer Security Foundations Workshop, IEEE, pp. 95, Ninth IEEE Computer Security Foundations Workshop, 1996.

	BibTex	x
	@article{ 10.1109/CSFW.1996.503694, author = {A. Zakinthinos and E.S. Lee}, title = {How and why feedback composition fails [secure systems]}, journal ={Computer Security Foundations Workshop, IEEE}, volume = {0}, year = {1996}, issn = {1063-6900}, pages = {95}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSFW.1996.503694}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Foundations Workshop, IEEE TI - How and why feedback composition fails [secure systems] SN - 1063-6900 SP EP A1 - A. Zakinthinos, A1 - E.S. Lee, PY - 1996 KW - security of data; feedback composition; composability; generalized noninterference; secure components; necessary and sufficient conditions; system designer; restrictiveness; n-forward correctability VL - 0 JA - Computer Security Foundations Workshop, IEEE ER -

A. Zakinthinos, Comput. Syst. Res. Inst., Toronto Univ., Ont., Canada

E.S. Lee, Comput. Syst. Res. Inst., Toronto Univ., Ont., Canada

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSFW.1996.503694

This paper examines the effects of the structure of the system on the composability of Generalized Non-Interference (GNI). It is proven that in a system constructed from GNI secure components, the only possible interconnection that can cause the system not to satisfy GNI occurs when two components are composed with feedback. We also present necessary and sufficient conditions for the composition of GNI secure components to yield a system that is GNI secure. The theorems are then used to provide a procedure to the system designer to construct a GNI secure system from GNI secure components. We also investigate reasons behind the composability of restrictiveness and n-forward correctability. It is shown that these properties compose because they eliminate one of the conditions that causes the composition of GNI secure components to fail.

Index Terms:

security of data; feedback composition; composability; generalized noninterference; secure components; necessary and sufficient conditions; system designer; restrictiveness; n-forward correctability

Citation:

A. Zakinthinos, E.S. Lee, "How and why feedback composition fails [secure systems]," csfw, pp.95, Ninth IEEE Computer Security Foundations Workshop, 1996

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.