328,500 research outputs found
Enhancing privacy implementations of database enquiries
Privacy is an issue of increasing concern to the Inter- net user. To ensure the continued success of distributed information systems, a reliable information flow must be established in certified but immediately evident ways. We begin with basic consideration of the privacy problem in the general setting of database enquiries. From there, we develop a simple solution, which we illustrate with a simple implementation in the programming language Erlang, and conclude by providing an informal security analysis
Security analysis of private data enquiries in Erlang
Privacy is an issue of increasing concern to the Inter- net user. To ensure the continued success of distributed information systems, a reliable information flow must be established in certified but immediately evident ways. We begin with basic consideration of the privacy problem in the general setting of database enquiries. From there, we develop a simple solution, which we illustrate with a simple implementation in the programming language Erlang. We first provide an informal security analysis that is then developed into a formal definition of a type system for noninterference
Combining behavioural types with security analysis
Today's software systems are highly distributed and interconnected, and they
increasingly rely on communication to achieve their goals; due to their
societal importance, security and trustworthiness are crucial aspects for the
correctness of these systems. Behavioural types, which extend data types by
describing also the structured behaviour of programs, are a widely studied
approach to the enforcement of correctness properties in communicating systems.
This paper offers a unified overview of proposals based on behavioural types
which are aimed at the analysis of security properties
History-sensitive versus future-sensitive approaches to security in distributed systems
We consider the use of aspect-oriented techniques as a flexible way to deal
with security policies in distributed systems. Recent work suggests to use
aspects for analysing the future behaviour of programs and to make access
control decisions based on this; this gives the flavour of dealing with
information flow rather than mere access control. We show in this paper that it
is beneficial to augment this approach with history-based components as is the
traditional approach in reference monitor-based approaches to mandatory access
control. Our developments are performed in an aspect-oriented coordination
language aiming to describe the Bell-LaPadula policy as elegantly as possible.
Furthermore, the resulting language has the capability of combining both
history- and future-sensitive policies, providing even more flexibility and
power.Comment: In Proceedings ICE 2010, arXiv:1010.530
Possibilistic Information Flow Control for Workflow Management Systems
In workflows and business processes, there are often security requirements on
both the data, i.e. confidentiality and integrity, and the process, e.g.
separation of duty. Graphical notations exist for specifying both workflows and
associated security requirements. We present an approach for formally verifying
that a workflow satisfies such security requirements. For this purpose, we
define the semantics of a workflow as a state-event system and formalise
security properties in a trace-based way, i.e. on an abstract level without
depending on details of enforcement mechanisms such as Role-Based Access
Control (RBAC). This formal model then allows us to build upon well-known
verification techniques for information flow control. We describe how a
compositional verification methodology for possibilistic information flow can
be adapted to verify that a specification of a distributed workflow management
system satisfies security requirements on both data and processes.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
The Anatomy and Facets of Dynamic Policies
Information flow policies are often dynamic; the security concerns of a
program will typically change during execution to reflect security-relevant
events. A key challenge is how to best specify, and give proper meaning to,
such dynamic policies. A large number of approaches exist that tackle that
challenge, each yielding some important, but unconnected, insight. In this work
we synthesise existing knowledge on dynamic policies, with an aim to establish
a common terminology, best practices, and frameworks for reasoning about them.
We introduce the concept of facets to illuminate subtleties in the semantics of
policies, and closely examine the anatomy of policies and the expressiveness of
policy specification mechanisms. We further explore the relation between
dynamic policies and the concept of declassification.Comment: Technical Report of publication under the same name in Computer
Security Foundations (CSF) 201
- …