Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Formal Aspects in Security and Trust

FAST 2008: Formal Aspects in Security and Trust pp 82–96Cite as

Causality and Accountability

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5491))

Abstract

Noninterference is a standard correctness condition for information flow control, but achieving it may sometimes be too expensive to be practical, particularly for distributed applications. A framework is introduced for specifying what forms of information flow control should be secured. Accountable noninterference requires that there be no information leaks via accountable information flows. An example application is in delineating sequential and distributed information flows, allowing different enforcement mechanisms for each. As such, the framework allows the specification of mechanism, dual to policy, in information flow control.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Piazza, C., Bossi, A., Rossi, S.: Compositional information flow security for concurrent programs. Journal of Computer Security 15(3), 373–416 (2007)

    Article  Google Scholar 

  2. Askarov, A., Sabelfeld, A.: Gradual release: Unifying delassification, encryption and key release policies. In: IEEE Symposium on Security and Privacy (2007)

    Google Scholar 

  3. Boreale, M., Sangiorgi, D.: A fully abstract semantics for causality in the pi-calculus. Acta Informatica 35(5), 353–400 (1998)

    Article  MathSciNet  MATH  Google Scholar 

  4. Boudol, G., Castellani, I.: Noninterference for concurrent programs and thread systems. Theor. Comput. Sci. 281(1-2), 109–130 (2002)

    Article  MathSciNet  MATH  Google Scholar 

  5. Busi, N., Gorrieri, R.: Positive non-interference in elementary and trace nets. In: Cortadella, J., Reisig, W. (eds.) ICATPN 2004. LNCS, vol. 3099, pp. 1–16. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. Cheswick, W., Bellovin, S., Rubin, A.: Firewalls and Internet Security. Addison-Wesley, Reading (2003)

    MATH  Google Scholar 

  7. Chothia, T., Duggan, D., Wu, Y.: Trusting the network. In: Foundations of Computer Security, Chicago, IL (2005)

    Google Scholar 

  8. Crafa, S., Rossi, S.: A theory of noninterference for the pi-calculus. In: De Nicola, R., Sangiorgi, D. (eds.) TGC 2005. LNCS, vol. 3705, pp. 2–18. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Crafa, S., Rossi, S.: Controlling information release in the pi-calculus. Information and Computation 285(8), 1235–1273 (2007)

    Article  MATH  Google Scholar 

  10. de Oliveira Braga, C.: Rewriting Logic as a Semantic Framework for Modular Structural Operational Semantics. PhD thesis, Pontificia Universidade Catolica do Rio de Janeiro (2001)

    Google Scholar 

  11. Degano, P., Priami, C.: Non-interleaving semantics for mobile processes. Theoretical Computer Science 216(1–2), 237–270 (1999)

    Article  MathSciNet  MATH  Google Scholar 

  12. Focardi, R., Gorrieri, R.: A taxonomy of security properties for process algebras. Journal of Computer Security 3(1), 5–34 (1995)

    Article  Google Scholar 

  13. Focardi, R., Gorrieri, R.: Classification of security properties. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 331–396. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  14. Focardi, R., Rossi, S.: Information flow security in dynamic contexts. In: Computer Security Foundations Workshop, pp. 307–319. IEEE Press, Los Alamitos (2002)

    Google Scholar 

  15. Goguen, J., Meseguer, J.: Security policies and security models. In: IEEE Symposium on Security and Privacy (1982)

    Google Scholar 

  16. Goguen, J., Meseguer, J.: Unwinding and inference control. In: IEEE Symposium on Security and Privacy (1984)

    Google Scholar 

  17. Hennessy, M.: The security picalculus and non-interference. Journal of Logic and Algebraic Programming 63, 3–34 (2004)

    Article  Google Scholar 

  18. Hennessy, M., Riely, J.: Information flow vs resource access in the asynchronous pi-calculus. ACM Transactions on Programming Languages and Systems 24(5), 566–591 (2002)

    Article  MATH  Google Scholar 

  19. Hoare, C.A.R.: Communicating Sequential Processes. Prentice-Hall, Englewood Cliffs (1985)

    MATH  Google Scholar 

  20. Honda, K., Yoshida, N.: A uniform type structure for secure information flow. In: POPL 2002: Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp. 81–92. ACM, New York (2002)

    Google Scholar 

  21. Pearl, J.: Causality: Models, Reasoning and Inference. Cambridge University Press, Cambridge (2000)

    MATH  Google Scholar 

  22. Kiehn, A.: Comparing locality and causality based equivalences. Acta Informatica (1994)

    Google Scholar 

  23. Kobayashi, N.: Type-based information flow analysis for the pi-calculus. Acta Informatica (2003)

    Google Scholar 

  24. Lamport, L.: Time, clocks and the ordering of events in a distributed system. Communications of the ACM 21(7), 558–565 (1978)

    Article  MATH  Google Scholar 

  25. Milner, R.: Communication and Concurrency. Prentice-Hall, Englewood Cliffs (1989)

    MATH  Google Scholar 

  26. Milner, R.: The polyadic π-calculus: A tutorial. In: Bauer, F.L., Brauer, W., Schwichtenberg, H. (eds.) Logic and Algebra of Specification. Computer and Systems Sciences, vol. 94, pp. 203–246. Springer, Heidelberg (1993)

    Chapter  Google Scholar 

  27. Reisig, W.: Petri Nets: An Introduction. EATCS Monographs on Theoretical Computer Science, vol. 4. Springer, Heidelberg (1988)

    MATH  Google Scholar 

  28. Rushby, J.M.: Noninterference, transitivity and channel-control security policies. Technical report, SRI (1992)

    Google Scholar 

  29. Ryan, P.Y.A., Schneider, S.A.: Process algebra and non-interference. In: CSFW 1999: Proceedings of the 12th IEEE workshop on Computer Security Foundations, Washington, DC, USA, p. 214. IEEE Computer Society, Los Alamitos (1999)

    Google Scholar 

  30. Sabelfeld, A., Myers, A.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications (2002)

    Google Scholar 

  31. Sangiorgi, D.: Asynchronous process calculi: The first-order and higher-order paradigms. Theoretical Computer Science (253) (2001)

    Google Scholar 

  32. Sewell, P., Vitek, J.: Secure composition of untrusted code: Wrappers and causality types. In: CSFW 2000: Proceedings of the 13th IEEE workshop on Computer Security Foundations, Washington, DC, USA, p. 269. IEEE Computer Society, Los Alamitos (2000)

    Chapter  Google Scholar 

  33. van der Meyden, R.: What, indeed, is intransitive noninterference? In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 235–250. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  34. Weitzner, D., Abelson, H., Berners-Lee, T., Feigenbaum, J., Hendler, J., Sussman, G.J.: Information accountability. Communications of the ACM 51(6), 82–87 (2008)

    Article  Google Scholar 

  35. Zeldovich, N., Boyd-Wickizer, S., Mazieres, D.: Securing distributed systems with information flow control. In: Network Systems Design and Implementation (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Stevens Institute of Technology, Hoboken, New Jersey, 07030, USA

    Dominic Duggan & Ye Wu

Authors
  1. Dominic Duggan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ye Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dipartimento di Informatica, Università di Pisa, Largo Bruno, Pontecorvo, 3, 56127, Pisa, Italy

    Pierpaolo Degano

  2. The MITRE Corporation, 202 Burlington Rd, MS S128, MA 01730, Bedford, USA

    Joshua Guttman

  3. Istituto di Informatica e Telematica - IIT Consiglio Nazionale delle Ricerche, C.N.R., Pisa Research Area, Via. G. Moruzzi 1, 56125, Pisa, Italy

    Fabio Martinelli

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Duggan, D., Wu, Y. (2009). Causality and Accountability. In: Degano, P., Guttman, J., Martinelli, F. (eds) Formal Aspects in Security and Trust. FAST 2008. Lecture Notes in Computer Science, vol 5491. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01465-9_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-01465-9_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01464-2

  • Online ISBN: 978-3-642-01465-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation