Characterising the fundamental concepts of information security, such as confidentiality and authentication, has proved problematic from the outset and remains controversial to this day. Non-interference was proposed some 25 years ago to give a precise, formal characterisation of the absence of information flows through a system, motivated in large part by the discovery of covert channels in access control models such as Bell-LaPadula. Intuitively, it asserts that altering Highs interactions with a system should not result in any observable difference in Lows interactions with the system. Superficially it appears to be a very natural and compelling concept but it turns out to harbor some surprising subtleties. Over the years various models of computation have been used to formalise non-interference. Typically these floundered on non-determinism, "input/output" distinctions, input totality and so forth. In the late 80's and early 90's, process algebras, in particular CSP, were applied to information security. In this talk I will briefly overview this approach and discuss how the concepts and results from process algebra shed light on these haunted corners of non-interference, including the role of non-determinism, unwinding results, composition, refinement and input/output distinctions. In particular, we argue that the absence of information flow can be characterised in terms of process equivalence, itself a delicate and fundamental concept. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
Ryan, P. (2005). Shedding light on haunted corners of information security. In Lecture Notes in Computer Science (Vol. 3525, p. 264). Springer Verlag. https://doi.org/10.1007/11423348_15
Mendeley helps you to discover research relevant for your work.