By Topic

Computer Security Foundations Workshop VI, 1993. Proceedings

Date 15-17 June 1993

Filter Results

Displaying Results 1 - 14 of 14
  • 1993 Computer Security Foundations Workshop VI Proceedings (Cat. No.93TH0561-1)

    Save to Project icon | Request Permissions | PDF file iconPDF (26 KB)  
    Freely Available from IEEE
  • A Petri net representation of the Take-Grant model

    Page(s): 99 - 108
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (632 KB)  

    The Take-Grant model is formalised with a Petri net notation. It is shown that this approach offers a convenient way to deal with the problem of determining the cooperation required to share or steal rights. An algorithm is proposed that finds all rights that a subject can steal with the help of a given set of conspirators. With the Petri net abstraction, the problem can be solved in linear time. It is compared to another algorithm exposed in the literature that requires n 2 operations for a n subject graph View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Automated support for external consistency

    Page(s): 71 - 81
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (836 KB)  

    Two models are presented of how to achieve an external-consistency objective motivated by the enterprise integrity of D.D. Clark and D.R. Wilson. The authors' notion of external consistency deals with the correctness of both assertions-propositions claimed to be true by their source-and requests-commands, authorizations, and similar sentences intended to change their source's environment. Each model considers assertions and requests from the perspective of both users and the automated system; this gives rise to defined responsibilities and requirements for both. The first, simple model assumes that users can reliably provide correct inputs to the automated system. The second model, taking a more realistic view of human enterprises, assumed that only experienced users have such capabilities. In both cases, the primary requirement imposed on the automated system is that it produces correct outputs provided enough of its inputs are correct. The authors call this an `output warranty' requirement in reference to the vendor's responsibility for the quality of the automated system View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A logical formalization of secrecy

    Page(s): 53 - 62
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (792 KB)  

    A formal definition is given of what must be considered as secret in a multilevel computer system. The author's point of view drastically differs from the classical approaches since it advocates that all the information contained in the sequence of high level inputs need not be considered as secret. The approach is based on an extended logic involving epistemic and deontic modal operators. This leads to a new security property called nondisclosure on inputs that must really be considered as secret. The author refines this first definition to obtain a stronger property simply called nondisclosure which protects both high level strategies and high level outputs. Finally, a suggestion is given on how one could combine the causality and nondisclosure properties to obtain a decision procedure for analyzing the security of computer systems View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Towards formal analysis of security protocols

    Page(s): 147 - 158
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (840 KB)  

    The pioneering and well-known work of M. Burrows, M. Abadi and R. Needham (1989), (the BAN logic) which dominates the area of security protocol analysis is shown to take an approach which is not fully formal and which consequently permits approval of dangerous protocols. Measures to make the BAN logic formal are then proposed. The formalisation is found to be desirable not only for its potential in providing rigorous analysis of security protocols, but also for its readiness for supporting a computer-aided fashion of analysis View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Information flow control in a parallel language framework

    Page(s): 39 - 52
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (960 KB)  

    A discussion is given on a programming language based approach to information flow control in a system of communicating processes. The approach differs from previous work in that the security level approach to controlling flows is replaced by a mechanism where flows are registered in terms of the set of variable signaling information and that the manner of registering the inter-process information flows does not require any extra message exchanges. The language chosen to present these ideas is Hoare's CSP. The authors give the `security semantics' of CSP and show, with the aid of two examples, how these semantics can be used to conduct security proofs of parallel programs View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On analyzing the bus-contention channel under fuzzy time

    Page(s): 3 - 9
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (512 KB)  

    The bus-contention channel is a covert channel that can be exploited at a rate exceeding 1000 bits per second. Fuzzy time is a countermeasure first described by Wei-Ming Hu (1991). To assess the effectiveness of fuzzy time, it is desirable to have an information-theoretic capacity analysis of the bus-contention channel under fuzzy time. The author points out that the capacity of this channel depends on the assumptions that are held regarding the environment in which the channel is being exploited. He discusses various assumptions that may be held regarding the environment. He argues that a capacity analysis under the weakest of these assumptions (viz. the `secure environment assumption) provides an upper bound on the capacity under the other assumptions discussed. It has been argued that a capacity analysis under the stronger assumptions is intractable. Therefore, an analysis under the weaker assumption provides the best available upper bound on the capacity of this channel. The author shows how to analyze the capacity of the channel under the weaker environment assumption and carries out such analysis of the channel using realistic system parameters and variety of fuzzy time parameters View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Modeling restrictive processes that involve blocking requests

    Page(s): 27 - 38
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (828 KB)  

    A decomposition method is given for showing restrictiveness that supports shared resource handling. The author splits a process into two subprocesses representing the server and client. The client process may request information and block until the information is sent. The server process will provide information when requested. This kind of method supports a natural way of expressing models using a shared resource such as file system. The author presents both the theoretical basis for the method as well as how it can be practically applied View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The concurrency control and recovery problem for multilevel update transactions in MLS systems

    Page(s): 10 - 23
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1156 KB)  

    The problem is addressed of a transaction reading and writing data at multiple classification levels in a multilevel secure (MLS) database. The authors refer to such transactions as multilevel update transactions. They show that no scheduler can ensure atomicity of multilevel update transactions in the presence of transaction aborts and at the same time be secure. There are essentially two ways of scheduling multilevel update transactions. The first method, which ensures strong atomicity, involves delaying low-level subtransactions until the fats of the sibling high-level subtransactions are known. The second scheme, which ensures only semantic atomicity, involves compensating the effects of any committed subtransactions. Analysis of these schemes indicates that the compensation approach leads to lower covert channel bandwidths. A concurrency control and recovery protocol based on compensation is proposed for multilevel update transactions. The security and correctness of the protocol is considered View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On testing for absence of rights in access control models

    Page(s): 109 - 118
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (544 KB)  

    The well-known access control model formalized by M.H. Harrison, W.C. Ruzzo, and J.D. Ullman (HRU) (1976), does not allow testing for absence of access rights in its commands. R.S. Sandhu's Typed Access Matrix (TAM) model (1992), which introduces strong typing into the HRU model, continues this tradition. P.E. Ammann R.S. Sandhu (1992), have proposed an extension of TAM called augmented TAM (ATAM), which allows testing for absence of rights. The motivation for ATAM is to express policies for dynamic separation of duties based on transaction control expressions. The authors study the question of whether or not testing for absence of access rights adds fundamental expressive power. They show that TAM and ATAM are formally equivalent in their expressive power. However, their construction indicates that while testing for absence of rights is theoretically unnecessary, such testing appears to be practically beneficial View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A lattice of information

    Page(s): 65 - 70
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (376 KB)  

    A framework is given for describing information and information flow. The authors show that information can be represented as a lattice. They motivate the idea that this framework is applicable for demonstrating security properties of systems. In particular, they show the relationship between the lattice representing information and the unwinding theorem. They also demonstrate the relationship between properties of this lattice and the aggregation problem View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An introduction to the mathematics of trust in security protocols

    Page(s): 121 - 127
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (524 KB)  

    One of the most important functions performed by security protocols is to transfer trust from where it exists to where it is needed. As a result , all protocols enforce a set of restrictions as to who may exercise them-either spelled out explicitly or left implicit in the protocol specification. In addition, there may be unanticipated-even unacceptable-groupings of participants who can also exercise the protocol as a result of trusts existing among some of them. Formal methods are developed to analyze trust as a fundamental dimension in security protocol analysis and proof View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Variations on the themes of message freshness and replay-or the difficulty in devising formal methods to analyze cryptographic protocols

    Page(s): 131 - 136
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (456 KB)  

    A survey is given of the variations on the choice and the usage of freshness identifiers, and the various forms of replay attack. Besides helping to clarify the important concepts of freshness and replay, this exercise demonstrates the potential complexity in devising formal methods to analyze cryptographic protocols View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Abstract machines for communication security

    Page(s): 137 - 146
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (752 KB)  

    An existing formal software development method called B is used to build and verify specifications of a communication channel, cryptographic functions and security properties. The authors show on an example how these basic specifications may be combined in order to write abstract specifications of cryptographic protocols and to verify their security View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.