Combining behavioural types with security analysis
Today's software systems are highly distributed and interconnected, and they
increasingly rely on communication to achieve their goals; due to their
societal importance, security and trustworthiness are crucial aspects of the
correctness of these systems. Behavioural types, which extend data types by
also describing the structured behaviour of programs, are a widely studied
approach to the enforcement of correctness properties in communicating systems.
This paper offers a unified overview of proposals based on behavioural types
which are aimed at the analysis of security properties
Analysing Flow Security Properties in Virtualised Computing Systems
This paper studies the problem of reasoning about flow security properties in
virtualised computing networks with mobility from the perspective of formal
language. We propose a distributed process algebra CSP_{4v} with security
labelled processes for the purpose of formally modelling virtualised computing
systems. Specifically, information leakage can come from observations of
process executions, from communications, and from cache side channels in the
virtualised environment. We describe a cache flow policy to identify such
flows. A type system for the language is presented to enforce the flow policy
and control the leakage introduced by observing the behaviour of communicating
processes and the behaviour of virtual machine (VM) instances while accessing
the shared memory cache
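The two leakage sources the abstract names, communication observable by a lower-level party and a cache set shared between VMs of different levels, can be checked with a label-based flow policy. The following is an added toy example, not the paper's CSP_{4v} calculus or its type system: the process syntax (`Send`, `CacheAccess`), the two-level lattice, the channel observer map and the cache-colouring remedy are all assumptions made here for illustration, and the sample processes are constructed.

```python
"""Toy flow-policy check for security-labelled processes sharing a cache.

Illustrative example only; the process language, labels and policy below are
assumptions of this snippet, not the formal system of the paper.
"""
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    LOW = 0
    HIGH = 1


@dataclass(frozen=True)
class Send:
    """Output on a named channel (observable by whoever can read the channel)."""
    chan: str


@dataclass(frozen=True)
class CacheAccess:
    """A VM touching one set of the shared last-level cache."""
    cache_set: int


@dataclass
class Process:
    name: str
    level: Level
    actions: tuple


def check_flows(procs, chan_observer):
    """Return a list of policy violations; an empty list means the policy holds.

    Rule 1 (communication): a process may only send on channels whose observer
    level is at least its own, so no HIGH -> LOW flow through a channel.
    Rule 2 (cache): a cache set must not be touched by processes of different
    levels; a LOW process timing its own hits and misses in that set learns the
    HIGH process's access pattern (a prime+probe style side channel).
    """
    violations = []
    for p in procs:
        for a in p.actions:
            if isinstance(a, Send):
                observer = chan_observer[a.chan]
                if observer < p.level:
                    violations.append(
                        f"{p.name}({p.level.name}) sends on {a.chan}, "
                        f"observable at {observer.name}")
    users = {}  # cache set -> {level -> set of process names}
    for p in procs:
        for a in p.actions:
            if isinstance(a, CacheAccess):
                users.setdefault(a.cache_set, {}).setdefault(p.level, set()).add(p.name)
    for cset in sorted(users):
        by_level = users[cset]
        if len(by_level) > 1:
            violations.append(
                f"cache set {cset} shared across levels: "
                + ", ".join(f"{lvl.name}={sorted(names)}"
                            for lvl, names in sorted(by_level.items())))
    return violations


def partition_cache(procs, num_sets):
    """Cache colouring: give each level a disjoint range of cache sets.

    This removes rule-2 violations by construction; it does nothing about
    rule-1 violations, which are a property of the process itself.
    """
    width = num_sets // len(Level)
    out = []
    for p in procs:
        base = width * int(p.level)
        remapped = tuple(
            CacheAccess(base + a.cache_set % width) if isinstance(a, CacheAccess) else a
            for a in p.actions)
        out.append(Process(p.name, p.level, remapped))
    return out


# Constructed sample: a HIGH VM that shares cache set 7 with a LOW VM, and a
# HIGH VM that sends on a LOW-observable channel.
CHAN_OBSERVER = {"ctrl": Level.HIGH, "net": Level.LOW}
SAMPLE = (
    Process("vm_secret", Level.HIGH, (CacheAccess(3), Send("ctrl"), CacheAccess(7))),
    Process("vm_public", Level.LOW, (CacheAccess(7), Send("net"))),
    Process("vm_leaky", Level.HIGH, (Send("net"),)),
)

if __name__ == "__main__":
    for v in check_flows(SAMPLE, CHAN_OBSERVER):
        print("violation:", v)
    print("after cache colouring:")
    for v in check_flows(partition_cache(SAMPLE, 8), CHAN_OBSERVER):
        print("violation:", v)
```

The point of the second run is that partitioning the cache closes only the side channel; the explicit HIGH-to-LOW send in `vm_leaky` survives because it is a property of the process's behaviour, which is exactly what a behavioural type system has to rule out.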