Non-Interference for Deterministic Interactive Programs

Clark, David; Hunt, Sebastian

doi:10.1007/978-3-642-01465-9_4

Non-Interference for Deterministic Interactive Programs

David Clark¹⁹ &
Sebastian Hunt²⁰

Conference paper

533 Accesses
15 Citations

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5491))

Abstract

We consider the problem of defining an appropriate notion of non-interference (NI) for deterministic interactive programs. Previous work on the security of interactive programs by O’Neill, Clarkson and Chong (CSFW 2006) builds on earlier ideas due to Wittbold and Johnson (Symposium on Security and Privacy 1990), and argues for a notion of NI defined in terms of strategies modelling the behaviour of users. We show that, for deterministic interactive programs, it is not necessary to consider strategies and that a simple stream model of the users’ behaviour is sufficient. The key technical result is that, for deterministic programs, stream-based NI implies the apparently more general strategy-based NI (in fact we consider a wider class of strategies than those of O’Neill et al). We give our results in terms of a simple notion of Input-Output Labelled Transition System, thus allowing application of the results to a large class of deterministic interactive programming languages.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Abramksy, S., McCusker, G.: Game semantics. In: Berger, U., Schwichtenberg, H. (eds.) Logic and Computation: Proc. 1997 Marktoberdorf Summer School. NATO Science Series. Springer, Heidelberg (1998)
Google Scholar
Abramsky, S., Jagadeesan, R., Malacaria, P.: Full abstraction for pcf. Information and Computation, 409–470 (December 2000)
Google Scholar
Aldini, A.: Probabilistic information flow in a process algebra. In: Larsen, K.G., Nielsen, M. (eds.) CONCUR 2001. LNCS, vol. 2154, pp. 152–168. Springer, Heidelberg (2001)
Chapter Google Scholar
Aldini, A., Bravetti, M., Gorrieri, R.: A process-algebraic approach for the analysis of probabilistic noninterference. J. Comput. Secur. 12(2), 191–245 (2004)
Article Google Scholar
Askarov, A., Hunt, S., Sabelfeld, A., Sands, D.: Termination-insensitive noninterference leaks more than just a bit. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283. Springer, Heidelberg (2008)
Chapter Google Scholar
Denning, D.E.: A lattice model of secure information flow. Comm. of the ACM 19(5), 236–243 (1976)
Article MathSciNet MATH Google Scholar
Focardi, R., Gorrieri, R.: A classification of security properties for process algebras. J. Computer Security 3(1), 5–33 (1995)
Article Google Scholar
Goguen, J.A., Meseguer, J.: Security policies and security models. In: Symposium on Security and Privacy, April 1982, pp. 11–20 (1982)
Google Scholar
Harmer, R., Mccusker, G.: A fully abstract game semantics for finite nondeterminism. In: Proceedings of the Fourteenth Annual Symposium on Logic in Computer Science, LICS 1999, pp. 422–430. IEEE Computer Society Press, Los Alamitos (1999)
Google Scholar
Honda, K., Yoshida, N., Carbone, M.: Multiparty asynchronous session types. In: Principles Of Programming Languages (January 2008)
Google Scholar
Hunt, S., Sands, D.: Just forget it – the semantics and enforcement of information erasure. In: Drossopoulou, S. (ed.) ESOP 2008. LNCS, vol. 4960, pp. 239–253. Springer, Heidelberg (2008)
Chapter Google Scholar
Gray III, J.W.: Toward a mathematical foundation for information flow security. In: Proc. of the 1991 Symposium on Security and Privacy, pp. 21–35. IEEE, Los Alamitos (1991)
Chapter Google Scholar
Jürjens, J.: Secure information flow for concurrent processes. In: Palamidessi, C. (ed.) CONCUR 2000. LNCS, vol. 1877, pp. 395–409. Springer, Heidelberg (2000)
Chapter Google Scholar
O’Neill, K.R., Clarkson, M.R., Chong, S.: Information-flow security for interactive programs. In: CSFW, pp. 190–201. IEEE Computer Society, Los Alamitos (2006)
Google Scholar
Shannon, C.E.: Channels with side information at the transmitter. IBM journal of Research and Development 2(4), 289–293 (1958)
Article MathSciNet Google Scholar
Wittbold, J.T., Johnson, D.M.: Information flow in nondeterministic systems. In: IEEE Symposium on Security and Privacy, pp. 144–161 (1990)
Google Scholar

Download references

Author information

Authors and Affiliations

King’s College London, UK
David Clark
City University, London, UK
Sebastian Hunt

Authors

David Clark
View author publications
You can also search for this author in PubMed Google Scholar
Sebastian Hunt
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Dipartimento di Informatica, Università di Pisa, Largo Bruno, Pontecorvo, 3, 56127, Pisa, Italy
Pierpaolo Degano
The MITRE Corporation, 202 Burlington Rd, MS S128, MA 01730, Bedford, USA
Joshua Guttman
Istituto di Informatica e Telematica - IIT Consiglio Nazionale delle Ricerche, C.N.R., Pisa Research Area, Via. G. Moruzzi 1, 56125, Pisa, Italy
Fabio Martinelli

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Clark, D., Hunt, S. (2009). Non-Interference for Deterministic Interactive Programs. In: Degano, P., Guttman, J., Martinelli, F. (eds) Formal Aspects in Security and Trust. FAST 2008. Lecture Notes in Computer Science, vol 5491. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01465-9_4

Download citation

DOI: https://doi.org/10.1007/978-3-642-01465-9_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01464-2
Online ISBN: 978-3-642-01465-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics