Abstract
The Compositional Security Checker (CSC for short) is a semantic tool for the automatic verification of some compositional information flow properties. The specifications given as input to CSC are terms of the Security Process Algebra, a language suited to specifying systems whose actions belong to two different levels of confidentiality. The information flow security properties that CSC can verify are some of those classified in [4]; they are derived from classic notions such as Non Interference [6]. The tool is based on the same architecture as the Concurrency Workbench [2], from which some modules have been imported unchanged. The usefulness of the tool is tested on the significant case study of an access monitor.
References
D. E. Bell and L. J. La Padula. “Secure Computer Systems: Unified Exposition and Multics Interpretation”. ESD-TR-75-306, MITRE MTR-2997, March 1976.
R. Cleaveland, J. Parrow, and B. Steffen. “The Concurrency Workbench: a Semantics Based Tool for the Verification of Concurrent Systems”. ACM Transactions on Programming Languages and Systems, Vol. 15 No. 1:36–72, January 1993.
R. Focardi and R. Gorrieri. “The Compositional Security Checker: A Tool for the Automatic Compositional Verification of Security Properties”. Forthcoming.
R. Focardi and R. Gorrieri. “A Classification of Security Properties for Process Algebras”. Journal of Computer Security, 3(1):5–33, 1994/1995.
R. Focardi, R. Gorrieri, and V. Panini. “The Security Checker: a Semantics-based Tool for the Verification of Security Properties”. In Proceedings of the Eighth IEEE Computer Security Foundations Workshop (CSFW'95) (Li Gong, Ed.), pages 60–69, Kenmare (Ireland), June 1995. IEEE Press.
J. A. Goguen and J. Meseguer. “Security Policy and Security Models”. In Proceedings of the 1982 Symposium on Security and Privacy, pages 11–20. IEEE Computer Society Press, April 1982.
C. A. R. Hoare. Communicating Sequential Processes. Prentice-Hall, 1985.
P. Kanellakis and S.A. Smolka. “CCS Expression, Finite State Processes, and Three Problems of Equivalence”. Information & Computation 86, pages 43–68, May 1990.
R. Milner. Communication and Concurrency. Prentice-Hall, 1989.
C. R. Tsai, V. D. Gligor, and C. S. Chandersekaran. “On the Identification of Covert Storage Channels in Secure Systems”. IEEE Transactions on Software Engineering, pages 569–580, June 1990.
J. T. Wittbold and D. M. Johnson. “Information Flow in Nondeterministic Systems”. In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, pages 144–161. IEEE Computer Society Press, 1990.
© 1996 Springer-Verlag Berlin Heidelberg
Focardi, R., Gorrieri, R. (1996). Automatic compositional verification of some Security properties. In: Margaria, T., Steffen, B. (eds) Tools and Algorithms for the Construction and Analysis of Systems. TACAS 1996. Lecture Notes in Computer Science, vol 1055. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-61042-1_44
DOI: https://doi.org/10.1007/3-540-61042-1_44
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-61042-7
Online ISBN: 978-3-540-49874-2