Chapter

Information Systems Security

Volume 5352 of the series Lecture Notes in Computer Science pp 26-40

On the Decidability of Model-Checking Information Flow Properties

  • Deepak D’SouzaAffiliated withDepartment of Computer Sc. & Automation, Indian Institute of Science
  • , Raveendra HollaAffiliated withDepartment of Computer Sc. & Automation, Indian Institute of Science
  • , Janardhan KulkarniAffiliated withDepartment of Computer Sc. & Automation, Indian Institute of Science
  • , Raghavendra K. RameshAffiliated withDepartment of Computer Sc. & Automation, Indian Institute of Science
  • , Barbara SprickAffiliated withDepartment of Computer Science, Modeling and Analysis of Information Systems, TU Darmstadt

* Final gross prices may vary according to local VAT.

Get Access

Abstract

Current standard security practices do not provide substantial assurance about information flow security: the end-to-end behavior of a computing system. Noninterference is the basic semantical condition used to account for information flow security. In the literature, there are many definitions of noninterference: Non-inference, Separability and so on. Mantel presented a framework of Basic Security Predicates (BSPs) for characterizing the definitions of noninterference in the literature. Model-checking these BSPs for finite state systems was shown to be decidable in [8]. In this paper, we show that verifying these BSPs for the more expressive system model of pushdown systems is undecidable. We also give an example of a simple security property which is undecidable even for finite-state systems: the property is a weak form of non-inference called WNI, which is not expressible in Mantel’s BSP framework.