On the verification of intransitive noninterference in multilevel security

IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics

Volumn 35, Issue 5, 2005, Pages 948-958

  Ben Hadj Alouane, Nejib ^a   Lafrance, Stéphane ^b   Lin, Feng ^c,d   Mullins, John ^b   Yeddes, Mohamed Moez ^a  

^a UNIVERSITY OF MANOUBA   (Tunisia)

^b ÉCOLE POLYTECHNIQUE DE MONTRÉAL   (Canada)

^c Wayne State University   (United States)

^d TONGJI UNIVERSITY   (China)

Author keywords

Denial of service; Formal verification; Information flow; Interference; Intransitive noninterference (INI); Observability; Purge; Security policies

Indexed keywords

ALGORITHMS; AUTOMATA THEORY; FORMAL LANGUAGES; NETWORK PROTOCOLS; SECURITY OF DATA;

DENIAL OF SERVICE; FORMAL VERIFICATION; INFORMATION FLOW; INTRANSITIVE NONINTERFERENCE (INI); PURGE FUNCTION; SECURITY POLICIES;

OBSERVABILITY;

ALGORITHM; ARTICLE; ARTIFICIAL INTELLIGENCE; AUTOMATED PATTERN RECOGNITION; COMPUTER NETWORK; COMPUTER SECURITY; EVALUATION; INFORMATION RETRIEVAL; METHODOLOGY;

ALGORITHMS; ARTIFICIAL INTELLIGENCE; COMPUTER COMMUNICATION NETWORKS; COMPUTER SECURITY; INFORMATION STORAGE AND RETRIEVAL; PATTERN RECOGNITION, AUTOMATED;

EID: 26844532854     PISSN: 10834419     EISSN: None     Source Type: Journal    
DOI: 10.1109/TSMCB.2005.847749     Document Type: Article

References (18)

1. D. E. Bell and L. J. LaPadula, "Secure computer system: Unified Eexposition and multics interpretation," Mitre Corporation, Bedford, MA, Tech. Rep. MTR-2997, 1976.
2. N. Ben Hadj-Alouane, S. Lafrance, F. Lin, J. Mullins, and M. Yeddes, "Characterizing intransitive noninterference for 3-domain security policies with observability," IEEE Trans. Autom. Control, to be published.
3. R. Focardi and R. Gorrieri, "A classification of security properties for process algebras," J. Comput. Security, vol. 3, no. 1, pp. 5-33, 1994/1995.
4. R. Focardi, R. Gorrieri, and F. Martinelli, "Message authentication through non interference," Algebraic Methodol. Software Technoll, pp. 258-272, 2000.
5. R. Focardi, R. Gorrieri, and F. Martinelli, "Secrecy in security protocols as non interference," presented at the DERA/RHUL Workshop on Secure Architectures and Information Flow, 2000.
6. J. A. Goguen and J. Meseguer, "Security policies and security models," in Proc. IEEE Symp. Research in Security and Privacy, Apr. 1982, pp. 11-20.
7. J. T. Haigh and W. D. Young, "Extending the noninterference version of mls for sat," IEEE Trans. Softw. Eng., vol. 13, no. 2, pp. 141-150, Feb. 1987.
8. J. E. Hopcroft, R. Motwani, and J. D. Ullman, Introduction to Automata Theory, Languages, and Computation, 2nd ed. Reading, MA: Addison-Wesley, 2001.
9. S. Lafrance and J. Mullins, "An information flow method to detect denial of service vulnerabilities," J. Univ. Comput. Sci., vol. 9, no. 11, pp. 1350-1369, 2003.
10. F. Lin and W. M. Wonham, "On observability of discrete-event systems," Inf. Sci., vol. 44, pp. 173-198, 1988.
11. C. Meadows, "A cost-based framework for analysis of denial of service networks," J. Comput. Security, vol. 9, no. 1/2, pp. 143-164, 2001.
12. J. Mullins, "Nondeterministic admissible interference," J. Univ. Comput. Sci., vol. 6, no. 11, pp. 1054-1070, 2000.
13. P. J. Ramadge and W. M. Wonham, "Supervisory control of a class of discrete-event processes," SIAM J. Control Optim., vol. 25, no. 1, pp. 206-230, 1987.
14. A. W. Roscoe and M. H. Goldsmith, "What is intransitive noninterference," presented at the 12th IEEE Computer Security Foundations Workshop, 1999.
15. J. Rushby, "Noninterference, transitivity and channel-control Security policies," SRI International, Menlo Park, CA, Tech. Rep. CSL-92-02, 1992.
16. P. Y. A. Ryan and S. A. Schneider, "Process algebra and noninterference," presented at the CSFW-12, Mordano, Italy, Jun. 1999.
17. S. Schneider, "Verifying authentication protocols in CSP," IEEE Trans. Softw. Eng., vol. 24, no. 8, pp. 447-479, Aug. 1998.
18. C. L. Schuba, I. V. Krsul, M. G. Kuhn, E. H. Spafford, A. Sundaram, and D. Zamboni, "Analysis of a denial of service attack on TCP," in Proc. IEEE Symp. Security Privacy, May 1997, pp. 208-223.