Compatibility of Safety Properties and Possibilistic Information Flow Security in MAKS

Abstract: Motivated by typical security requirements of workflow management systems, we consider the integrated verification of both safety properties (e.g. separation of duty) and information flow security predicates of the MAKS framework (e.g. modeling confidentiality requirements). Due to the refinement paradox, enforcement of safety properties might violate possibilistic information flow properties of a system. We present an approach where sufficient conditions for the compatibility of safety properties and information flow security are derived by performing an information flow analysis of a monitor enforcing the safety property and applying existing compositionality results for MAKS security predicates. These conditions then guarantee that the composition of a target system with the monitor satisfies both kinds of properties. We illustrate our approach by deriving sufficient conditions for the security-preserving enforcement of separation of duty and ordered message delivery in an asynchronous communication platform.
Document type:
Conference paper
Nora Cuppens-Boulahia; Frédéric Cuppens; Sushil Jajodia; Anas Abou El Kalam; Thierry Sans. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. Springer, IFIP Advances in Information and Communication Technology, AICT-428, pp.250-263, 2014, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-642-55415-5_21〉

Cited literature [18 references]

https://hal.inria.fr/hal-01370371
Contributor: Hal Ifip
Submitted on: Thursday, September 22, 2016 - 14:26:10
Last modified on: Thursday, September 22, 2016 - 15:11:23

File

978-3-642-55415-5_21_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Thomas Bauereiss, Dieter Hutter. Compatibility of Safety Properties and Possibilistic Information Flow Security in MAKS. Nora Cuppens-Boulahia; Frédéric Cuppens; Sushil Jajodia; Anas Abou El Kalam; Thierry Sans. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. Springer, IFIP Advances in Information and Communication Technology, AICT-428, pp.250-263, 2014, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-642-55415-5_21〉. 〈hal-01370371〉

Metrics

Record views

41

File downloads

8