
Information Security Modeling and Analysis

  • David A. Greve
Chapter

Abstract

The question of how best to model and analyze systems with information security requirements has been of interest to the Rockwell Collins Advanced Technology Center since the beginning of the AAMP7G certification effort [Wilding et al. (in press) Design and verification of microprocessor systems for high-assurance applications]. Of particular interest are techniques that are amenable to automated formal reasoning, especially in a generic theorem proving or model checking context. In this chapter, we document research results that pertain to the GWV class of information flow theorems [Greve et al. (2003) Proceedings of ACL2’03; Greve et al. (2005) Proceedings of SSTC 2005]. We provide a mathematical underpinning for the theorems, explore some of their properties, demonstrate their application to selected examples, and describe their evolutionary history. We conclude by establishing a connection between our models of information flow and the classical notion of noninterference originally proposed by Goguen and Meseguer [Proceedings of the 1982 IEEE symposium on security and privacy (1982)].
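The GWV separation theorem that the abstract refers to (Greve, Wilding, Vanfleet, ACL2'03) can be paraphrased as: for any segment seg and any two states st1, st2 that agree on the current partition and on the values of every segment in dia(seg) (the segments allowed to "directly interact" with seg), the value of seg after one kernel step must agree as well. The following is an added example, not code from the chapter or from Rockwell Collins: a constructed toy two-partition kernel in Python, with one step function that respects the policy and one that leaks, and a bounded exhaustive checker for the property over the whole (tiny) state space. The segment names, the dia policy and the step functions are assumptions made for illustration.

```python
from itertools import product
from typing import Callable, Dict, FrozenSet, Optional, Tuple

# Constructed toy model (not the AAMP7G model): a state is a pair of
# (current partition, memory), where memory maps segment names to bits.
State = Tuple[str, Dict[str, int]]

SEGMENTS = ("a_in", "a_out", "b_out")   # hypothetical segments
PARTITIONS = ("A", "B")                 # hypothetical partitions
VALUES = (0, 1)                         # keep the state space tiny

# GWV "dia" policy (assumed): segments that may directly influence a segment.
# Partition B's output must not depend on anything owned by partition A.
DIA: Dict[str, FrozenSet[str]] = {
    "a_in":  frozenset({"a_in"}),
    "a_out": frozenset({"a_in", "a_out"}),
    "b_out": frozenset({"b_out"}),
}


def current(st: State) -> str:
    return st[0]


def select(seg: str, st: State) -> int:
    return st[1][seg]


def selectlist(segs: FrozenSet[str], st: State) -> Dict[str, int]:
    """Values of the listed segments, in a canonical order."""
    return {seg: st[1][seg] for seg in sorted(segs)}


def _switch(cur: str) -> str:
    return "B" if cur == "A" else "A"


def next_ok(st: State) -> State:
    """A step that only reads segments permitted by DIA for each write."""
    cur, mem = st
    new = dict(mem)
    if cur == "A":
        new["a_out"] = mem["a_in"] ^ mem["a_out"]   # a_out <- f(a_in, a_out)
    else:
        new["b_out"] = 1 - mem["b_out"]             # b_out <- f(b_out)
    return (_switch(cur), new)


def next_leaky(st: State) -> State:
    """A step with a covert flow: B's output is computed from A's input."""
    cur, mem = st
    new = dict(mem)
    if cur == "A":
        new["a_out"] = mem["a_in"] ^ mem["a_out"]
    else:
        new["b_out"] = mem["a_in"]                  # violates DIA["b_out"]
    return (_switch(cur), new)


def all_states():
    for cur in PARTITIONS:
        for vals in product(VALUES, repeat=len(SEGMENTS)):
            yield (cur, dict(zip(SEGMENTS, vals)))


def check_gwv(step: Callable[[State], State],
              dia: Dict[str, FrozenSet[str]]) -> Optional[Tuple[str, State, State]]:
    """Bounded exhaustive check of the GWV separation property.

    Returns None if, for every segment and every pair of states with equal
    current partition and equal dia(seg) values, the segment agrees after
    one step; otherwise returns the first (segment, st1, st2) counterexample.
    """
    states = list(all_states())
    for seg in SEGMENTS:
        for st1 in states:
            for st2 in states:
                if current(st1) != current(st2):
                    continue
                if selectlist(dia[seg], st1) != selectlist(dia[seg], st2):
                    continue
                if select(seg, step(st1)) != select(seg, step(st2)):
                    return (seg, st1, st2)
    return None


if __name__ == "__main__":
    print("policy-respecting kernel:", check_gwv(next_ok, DIA))
    print("leaky kernel:", check_gwv(next_leaky, DIA))
```

Over this state space the first function reports no counterexample, while the second is caught on segment b_out with two states that differ only in a_in. Exhausting a finite state space is the model-checking flavour of the analysis; the ACL2 work cited in the abstract instead proves the same implication for all states symbolically, which is what the actual kernel models require.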

Keywords

Model checking, indexing scheme, output index, security domain, microprocessor system


References

  1. Alves-Foss J, Taylor C (2004) An analysis of the GWV security policy. In: Proceedings of the fifth international workshop on ACL2 and its applications, Austin, TX, Nov. 2004
  2. Clarke EM, Grumberg O, Peled DA (1999) Model checking. MIT, Cambridge, MA
  3. Goguen JA, Meseguer J (1982) Security policies and security models. In: Proceedings of the 1982 IEEE symposium on security and privacy, pp 11–20. IEEE Computer Society Press, Washington, DC
  4. Greve D (2004) Address enumeration and reasoning over linear address spaces. In: Proceedings of ACL2’04, Austin, TX, Nov. 2004
  5. Greve D (2006) Parameterized congruences in ACL2. In: Proceedings of ACL2’06, Austin, TX, Nov. 2006
  6. Greve D (2007) Scalable normalization of heap manipulating functions. In: Proceedings of ACL2’07, Austin, TX, Nov. 2007
  7. Greve D, Wilding M, Vanfleet M (2003) A separation kernel formal security policy. In: Proceedings of ACL2’03
  8. Greve D, Wilding M, Vanfleet M, Richards R (2005) Formalizing security policies for dynamic and distributed systems. In: Proceedings of SSTC 2005
  9. Munoz C (2009) ProofLite product description. http://research.nianet.org/~munoz/ProofLite
  10. Richards R (2010) Modeling and security analysis of a commercial real-time operating system kernel. In: Hardin D (ed) Design and verification of microprocessor systems for high-assurance applications. Springer, Berlin, pp 301–322
  11. Rushby J (1992) Noninterference, transitivity, and channel-control security policies. Technical report CSL-92-2, SRI
  12. Rushby J (2001) Formal verification of McMillan’s compositional assume-guarantee rule. Technical report, SRI, September 2001
  13. Shannon C, Weaver W (1949) The mathematical theory of communication. University of Illinois Press, Champaign, IL
  14. SRI International (2009) PVS specification and verification system. http://pvs.csl.sri.com
  15. Whalen M, Greve D, Wagner L (2010) Model checking information flow. In: Hardin D (ed) Design and verification of microprocessor systems for high-assurance applications. Springer, Berlin, pp 381–428
  16. Wilding M, Greve D, Richards R, Hardin D (2010) Formal verification of partition management for the AAMP7G microprocessor. In: Hardin D (ed) Design and verification of microprocessor systems for high-assurance applications. Springer, Berlin, pp 175–191

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. Rockwell Collins, Inc., Cedar Rapids, USA
