
    Composition and Declassification in Possibilistic Information Flow Security

    Formal methods for security can rule out whole classes of security vulnerabilities, but applying them in practice remains challenging. This thesis develops formal verification techniques for information flow security that combine the expressivity and scalability strengths of existing frameworks. It builds upon Bounded Deducibility (BD) Security, which allows specifying and verifying fine-grained policies about what information may flow when to whom. Our main technical result is a compositionality theorem for BD Security, providing scalability by allowing us to verify security properties of a large system by verifying smaller components. Its practical utility is illustrated by a case study of verifying confidentiality properties of a distributed social media platform. Moreover, we discuss its use for the modular development of secure workflow systems, and for the security-preserving enforcement of safety and security properties other than information flow control.

    CoSMed: A Confidentiality-Verified Social Media Platform

    This paper describes progress with our agenda of formal verification of information flow security for realistic systems. We present CoSMed, a social media platform with verified document confidentiality. The system's kernel is implemented and verified in the proof assistant Isabelle/HOL. For verification, we employ the framework of Bounded-Deducibility (BD) Security, previously introduced for the conference system CoCon. CoSMed is a second major case study in this framework. For CoSMed, the static topology of declassification bounds and triggers that characterized previous instances of BD Security has to give way to a dynamic integration of the triggers as part of the bounds. We also show that, from a theoretical viewpoint, the removal of triggers from the notion of BD Security does not restrict its expressiveness.

    Dimensional accuracy of Electron Beam Melting (EBM) additive manufacture with regard to weight optimized truss structures

    The Electron Beam Melting (EBM) additive manufacturing process is well suited to fabricating complex structural designs in Ti–6Al–4V because of the design freedoms it offers combined with strong and consistent material properties. However, it has been observed that complications may arise when manufacturing truss-like structures (such as those produced via structural topology optimization) in the form of undersized features on the finished part. The issue appears to affect truss members that are not aligned with the vertical build direction, with an apparent lack of material on the negative surfaces. This effect appears to worsen with a greater angle between the truss member and the build direction, even with the use of support structures. This investigation has characterized and measured the dimensional errors that result from this issue through 3D scanning techniques. Process modifications have then been made which result in significant improvements in dimensional accuracy. This investigation highlights the importance of heat management at features with negative surfaces to yield parts that are dimensionally accurate without introducing excessive internal melt defects in the form of voids and porosity.

    RIFL 1.1: A Common Specification Language for Information-Flow Requirements

    The RS³ Information-Flow Specification Language (RIFL) is a policy language for information-flow security. RIFL originated from the need for a common language for specifying security requirements within the DFG priority program Reliably Secure Software Systems (RS³) (http://www.spp-rs3.de). In this report, we present the syntax and informal semantics of RIFL 1.1, the most recent version of RIFL. At this point in time, RIFL is supported by four tools for information-flow analysis. We believe that RIFL can also be useful as a policy language for further tools, and we encourage its adoption and extension by the community.

    Composition and Declassification in Possibilistic Information Flow Security (German-titled record: Komposition und Deklassifikation in possibilistischer Informationsflusssicherheit)


    Static Preference Models for Options with Dynamic Extent
