Shedding light on haunted corners of information security

Ryan, P

doi:10.1007/11423348_15

Shedding light on haunted corners of information security

Lookup NU author(s): Professor Peter Ryan

Downloads

Full text for this publication is not currently held within this repository. Alternative links are provided below where available.

Abstract

Characterising the fundamental concepts of information security, such as confidentiality and authentication, has proved problematic from the outset and remains controversial to this day. Non-interference was proposed some 25 years ago to give a precise, formal characterisation of the absence of information flows through a system, motivated in large part by the discovery of covert channels in access control models such as Bell-LaPadula. Intuitively, it asserts that altering Highs interactions with a system should not result in any observable difference in Lows interactions with the system. Superficially it appears to be a very natural and compelling concept but it turns out to harbor some surprising subtleties. Over the years various models of computation have been used to formalise non-interference. Typically these floundered on non-determinism, "input/output" distinctions, input totality and so forth. In the late 80's and early 90's, process algebras, in particular CSP, were applied to information security. In this talk I will briefly overview this approach and discuss how the concepts and results from process algebra shed light on these haunted corners of non-interference, including the role of non-determinism, unwinding results, composition, refinement and input/output distinctions. In particular, we argue that the absence of information flow can be characterised in terms of process equivalence, itself a delicate and fundamental concept. © Springer-Verlag Berlin Heidelberg 2005.