On the Decidability of Model-Checking Information Flow Properties

  • Deepak D’Souza
  • Raveendra Holla
  • Janardhan Kulkarni
  • Raghavendra K. Ramesh
  • Barbara Sprick
Conference paper

DOI: 10.1007/978-3-540-89862-7_2

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5352)
Cite this paper as:
D’Souza D., Holla R., Kulkarni J., Ramesh R.K., Sprick B. (2008) On the Decidability of Model-Checking Information Flow Properties. In: Sekar R., Pujari A.K. (eds) Information Systems Security. ICISS 2008. Lecture Notes in Computer Science, vol 5352. Springer, Berlin, Heidelberg

Abstract

Current standard security practices do not provide substantial assurance about information flow security: the end-to-end behavior of a computing system. Noninterference is the basic semantical condition used to account for information flow security. In the literature, there are many definitions of noninterference: Non-inference, Separability and so on. Mantel presented a framework of Basic Security Predicates (BSPs) for characterizing the definitions of noninterference in the literature. Model-checking these BSPs for finite state systems was shown to be decidable in [8]. In this paper, we show that verifying these BSPs for the more expressive system model of pushdown systems is undecidable. We also give an example of a simple security property which is undecidable even for finite-state systems: the property is a weak form of non-inference called WNI, which is not expressible in Mantel’s BSP framework.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Deepak D’Souza
    • 1
  • Raveendra Holla
    • 1
  • Janardhan Kulkarni
    • 1
  • Raghavendra K. Ramesh
    • 1
  • Barbara Sprick
    • 2
  1. 1.Department of Computer Sc. & AutomationIndian Institute of ScienceIndia
  2. 2.Department of Computer Science, Modeling and Analysis of Information SystemsTU DarmstadtGermany

Personalised recommendations