Security via Noninterference: Analyzing Information Flows

Nowadays, the security of information systems is of crucial importance. The large number of detected security vulnerabilities in many systems indicates that new methods for developing secure systems are necessary. These require an appropriate formal foundation. A widely used approach revolves around the notions noninterference and information flow. They allow to express and analyze the absence of illegal information flows and covert channels. In this thesis, the framework of noninterference for state-based asynchronous systems is extended and enriched with new techniques in order to gain a deeper understanding and a broader applicability. As a result, a formal foundation for developing secure systems is obtained. First, new results for the notion of intransitive noninterference are obtained. In particular, a complete characterization by unwinding relations makes the development of a polynomial-time verification algorithm possible in the first place. Second, the previous noninterference definitions are extended with support for policies changing during execution. To capture all resulting security requirements, a new theory of so-called dynamic noninterference is developed and compared to previous approaches. The applicability of this framework is demonstrated by several examples and a complex case study of a distributed dynamic access control system. Third, algorithmic problems are examined, in particular with regard to the question of decidability and complexity of the analyzed security definitions. New undecidability results for some of the present security definitions are obtained, and new efficient algorithms for the verification of both the previously existing and in this thesis developed different notions of noninterference are established