Secure states versus Secure executions: From access control to flow control

Mathieu Jaume 1 Radoniaina Andriatsimandefitra 2 Valérie Viet Triem Tong 2 Ludovic Mé 2
1 MoVe - Modélisation et Vérification
LIP6 - Laboratoire d'Informatique de Paris 6
2 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : Several points of view exist about security policies among which two main approaches can be distinguished: policies can be defined by some properties over states of a system or by some properties over exe- cutions of a system. While enforcing a policy specified by some properties over states is rather easy, designing enforcement mechanisms to ensure security properties over executions is more complex. However, enforcing a property over states is sometimes sufficient to ensure a property over executions. In this paper, we investigate these two approaches in order to provide a formal framework that permits to make the bridge between the definition of secure states and security properties over sequences of secure states corresponding to executions. Along the lines of this paper, we illustrate our definitions by considering access control policies defined as properties over states and flow properties over executions of a system.
Type de document :
Communication dans un congrès
ICISS 2013 - 9th International Conference on Information Systems Security, Dec 2013, Calcutta, India. Springer, 8303, pp.148-162, 2013, Lecture Notes in Computer Science. <10.1007/978-3-642-45204-8_11>
Liste complète des métadonnées

https://hal.inria.fr/hal-01083384
Contributeur : Radoniaina Andriatsimandefitra <>
Soumis le : lundi 17 novembre 2014 - 11:25:32
Dernière modification le : jeudi 9 février 2017 - 15:35:10

Identifiants

Citation

Mathieu Jaume, Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong, Ludovic Mé. Secure states versus Secure executions: From access control to flow control. ICISS 2013 - 9th International Conference on Information Systems Security, Dec 2013, Calcutta, India. Springer, 8303, pp.148-162, 2013, Lecture Notes in Computer Science. <10.1007/978-3-642-45204-8_11>. <hal-01083384>

Partager

Métriques

Consultations de la notice

822