On Two Models of Noninterference: Rushby and Greve, Wilding, and Vanfleet

  • Adrian Garcia Ramirez
  • Julien Schmaltz
  • Freek Verbeek
  • Bruno Langenstein
  • Holger Blasum
Conference paper

DOI: 10.1007/978-3-319-10506-2_17

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8666)
Cite this paper as:
Ramirez A.G., Schmaltz J., Verbeek F., Langenstein B., Blasum H. (2014) On Two Models of Noninterference: Rushby and Greve, Wilding, and Vanfleet. In: Bondavalli A., Di Giandomenico F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science, vol 8666. Springer, Cham

Abstract

We formally compare two industrially relevant and popular models of noninterference, namely, the model defined by Rushby and the one defined by Greve, Wilding, and Vanfleet (GWV). We create a mapping between the objects and relations of the two models. We prove a number of theorems showing under which assumptions a system identified as “secure” in one model is also identified as “secure” in the other model. Using two examples, we illustrate and discuss some of these assumptions. Our main conclusion is that the GWV model is more discriminating than the Rushby model. All systems satisfying GWV’s Separation also satisfy Rushby’s noninterference. The other direction only holds if we additionally assume that GWV systems are such that every partition is assigned at most one memory segment. All of our proofs have been checked using the Isabelle/HOL proof assistant.

Keywords

Noninterference information flow security formal models 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Adrian Garcia Ramirez
    • 1
  • Julien Schmaltz
    • 1
  • Freek Verbeek
    • 2
  • Bruno Langenstein
    • 3
  • Holger Blasum
    • 4
  1. 1.Department of Computer ScienceEindhoven University of TechnologyEindhovenThe Netherlands
  2. 2.School of Computer ScienceThe Open University of The NetherlandsHeerlenThe Netherlands
  3. 3.German Research Center for Artificial Intelligence (DFKI GmbH)SaarbrückenGermany
  4. 4.SYSGO AGKlein-WinternheimGermany

Personalised recommendations