Abstract
A useful paradigm of system development is that of stepwise refinement. In contrast to other system properties, many security properties proposed in the literature are not preserved under refinement (refinement paradox).
We present work towards a framework for stepwise development of secure systems by showing a notion of secrecy (that follows a standard approach) to be preserved by standard refinement operators in the specification framework Focus (extended with cryptographic primitives). We also give a rely/guarantee version of the secrecy property and show preservation by refinement. We use the secrecy property to uncover a previously unpublished flaw in a proposed variant of TLS, propose a correction and prove it secure. We give an abstract specification of a secure channel satisfying secrecy and refine it to a more concrete specification that by the preservation result thus also satisfies secrecy.
This work was supported by the Studienstiftung des deutschen Volkes and Lucent Technologies.
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jürjens, J. (2001). Secrecy-Preserving Refinement. In: Oliveira, J.N., Zave, P. (eds) FME 2001: Formal Methods for Increasing Software Productivity. FME 2001. Lecture Notes in Computer Science, vol 2021. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45251-6_8
DOI: https://doi.org/10.1007/3-540-45251-6_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41791-0
Online ISBN: 978-3-540-45251-5
eBook Packages: Springer Book Archive