
Secrecy-Preserving Refinement

Conference paper

FME 2001: Formal Methods for Increasing Software Productivity (FME 2001)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2021)

Abstract

A useful paradigm of system development is that of stepwise refinement. In contrast to other system properties, many security properties proposed in the literature are not preserved under refinement (refinement paradox).

We present work towards a framework for stepwise development of secure systems by showing a notion of secrecy (that follows a standard approach) to be preserved by standard refinement operators in the specification framework Focus (extended with cryptographic primitives). We also give a rely/guarantee version of the secrecy property and show preservation by refinement. We use the secrecy property to uncover a previously unpublished flaw in a proposed variant of TLS, propose a correction and prove it secure. We give an abstract specification of a secure channel satisfying secrecy and refine it to a more concrete specification that, by the preservation result, thus also satisfies secrecy.

This work was supported by the Studienstiftung des deutschen Volkes and Lucent Technologies.




© 2001 Springer-Verlag Berlin Heidelberg

Cite this paper

Jürjens, J. (2001). Secrecy-Preserving Refinement. In: Oliveira, J.N., Zave, P. (eds) FME 2001: Formal Methods for Increasing Software Productivity. FME 2001. Lecture Notes in Computer Science, vol 2021. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45251-6_8

  • DOI: https://doi.org/10.1007/3-540-45251-6_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-41791-0

  • Online ISBN: 978-3-540-45251-5
