European Symposium on Research in Computer Security

Computer Security -- ESORICS 2015, pp 500-519

Factorization of Behavioral Integrity

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9327)


We develop a bisimulation-based noninterference property that describes the allowed dependencies between communication behaviors of different integrity levels. The property is able to capture all possible combinations of integrity levels for the “presence” and “content” of actual communications. Channels of low presence integrity and high content integrity can be used to model the effect of Message Authentication Codes or the consequence of Denial of Service Attacks. In case the distinction between “presence” and “content” is deliberately blurred, the noninterference property specialises to a classical process-algebraic property (called SBNDC). A compositionality result is given to facilitate a structural approach to the analysis of concurrent systems.





We would like to thank the ProSec research group at Chalmers University of Technology, especially Andrei Sabelfeld, Willard Rafnsson and David Sands, for useful feedback on this work at an earlier stage.



Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Ximeng Li (1)
  • Flemming Nielson (1)
  • Hanne Riis Nielson (1)
  1. DTU Compute, Technical University of Denmark, Kongens Lyngby, Denmark
