An Approach to Information Security in Distributed Systems

Information flow control mechanisms detect and prevent illegal transfers of information within a computer system. In this paper, we give an overview of a programming language based approach to information flow control in a system of communicating processes. The language chosen to present the approach is CSP. We give the security semantics of CSP and show, with the aid of examples, how the semantics can be used to conduct both manual and automated security proofs of application programs. 1 Introduction One of the most noteworthy trends in modern computing is the proliferation of automated systems to commercial, administrative and other fields. The amount of sensitive information being stored in computer systems has increased as a consequence and with that, the seriousness of an attack on a system where a user succeeds in illegally gaining access to information in the system. Distributed computing has excacerbated this problem since information can be accessed over wide geographical di..