
A Process Algebra for (Delimited) Persistent Stochastic Non-Interference

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 11785)

Abstract

In this paper, we consider the information flow security properties named Persistent Stochastic Non-Interference (PSNI) and Delimited Persistent Stochastic Non-Interference (D_PSNI) for stochastic cooperating processes described as terms of the Performance Evaluation Process Algebra (PEPA). A PEPA process P that satisfies (D)_PSNI admits only controlled information flows from the high (private) level of confidentiality to the low (public) one. In particular, the downgrading/declassification of information is permitted only when it is performed by a trusted component. Once a process has been defined, one can only check a posteriori whether it satisfies (D)_PSNI or not.

In this work, we contribute to the verification and construction of secure processes in two respects: (i) we first prove new compositionality properties for (D)_PSNI, and then (ii) we exploit them to introduce a new process algebra that allows the definition of processes that are secure by construction, thus avoiding any further check.



Corresponding author: Sabina Rossi


Copyright information

© 2019 Springer Nature Switzerland AG


Cite this paper

Marin, A., Piazza, C., Rossi, S. (2019). A Process Algebra for (Delimited) Persistent Stochastic Non-Interference. In: Parker, D., Wolf, V. (eds) Quantitative Evaluation of Systems. QEST 2019. Lecture Notes in Computer Science, vol 11785. Springer, Cham. https://doi.org/10.1007/978-3-030-30281-8_13


  • DOI: https://doi.org/10.1007/978-3-030-30281-8_13


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30280-1

  • Online ISBN: 978-3-030-30281-8

  • eBook Packages: Computer Science (R0)
