Abstract
Language-based and process calculi-based information security are well developed fields of computer security. Although these fields have much in common, it is somewhat surprising that the literature lacks a comprehensive account of a formal link between the two disciplines. This paper develops such a link between a language-based specification of security and a process-algebraic framework for security properties. Encoding imperative programs into a CCS-like process calculus, we show that timing-sensitive security for these programs exactly corresponds to the well understood process-algebraic security property of persistent bisimulation-based nondeducibility on compositions (P_BNDC). This rigorous connection opens up possibilities for cross-fertilization, leading both to flexible policies when specifying the security of heterogeneous systems and to a synergy of techniques for enforcing security specifications.
This work was supported by the EU-FET project MyThS (IST-2001-32617).
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Focardi, R., Rossi, S., Sabelfeld, A. (2005). Bridging Language-Based and Process Calculi Security. In: Sassone, V. (eds) Foundations of Software Science and Computational Structures. FoSSaCS 2005. Lecture Notes in Computer Science, vol 3441. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31982-5_19
DOI: https://doi.org/10.1007/978-3-540-31982-5_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25388-4
Online ISBN: 978-3-540-31982-5