Coinductive Unwinding of Security-Relevant Hyperproperties

Conference paper in: Secure IT Systems (NordSec 2012)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7617)

Abstract

Unwinding relations have been widely used to prove that finite systems are secure with respect to a variety of noninterference policies. The latter are prominent instances of security-relevant hyperproperties. As hyperproperties are defined on potentially infinite systems, a new mathematical development is needed in order to (re)use unwinding relations for generic verification of security-relevant hyperproperties. In this paper we propose a framework for coinductive unwinding of security-relevant hyperproperties. To illustrate the usefulness of the framework, we show that Mantel’s Basic Security Predicates (BSPs), the noninterference policies they compose, as well as their respective unwinding relations, have a meaningful coinductive reinterpretation. We prove that in a number of cases the coinductive variants of the unwinding relations imply the respective coinductive variants of the BSPs. Moreover, the latter can be used to compose high-level security-relevant hyperproperties for both finite and infinite systems. A number of the unwinding theorems also hold as expected. In conclusion, the proposed framework and results are useful both theoretically in the study of hyperproperties and in practice for the verification of hyperproperties on potentially infinite systems.




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

Cite this paper

Milushev, D., Clarke, D. (2012). Coinductive Unwinding of Security-Relevant Hyperproperties. In: Jøsang, A., Carlsson, B. (eds) Secure IT Systems. NordSec 2012. Lecture Notes in Computer Science, vol 7617. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34210-3_9

  • DOI: https://doi.org/10.1007/978-3-642-34210-3_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34209-7

  • Online ISBN: 978-3-642-34210-3
