Secure states versus Secure executions: From access control to flow control

Mathieu Jaume 1 Radoniaina Andriatsimandefitra 2 Valérie Viet Triem Tong 2 Ludovic Mé 2
1 MoVe - Modélisation et Vérification
LIP6 - Laboratoire d'Informatique de Paris 6
2 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
IRISA-D1 - SYSTÈMES LARGE ÉCHELLE, Inria Rennes – Bretagne Atlantique , CentraleSupélec
Abstract : Several points of view exist about security policies among which two main approaches can be distinguished: policies can be defined by some properties over states of a system or by some properties over exe- cutions of a system. While enforcing a policy specified by some properties over states is rather easy, designing enforcement mechanisms to ensure security properties over executions is more complex. However, enforcing a property over states is sometimes sufficient to ensure a property over executions. In this paper, we investigate these two approaches in order to provide a formal framework that permits to make the bridge between the definition of secure states and security properties over sequences of secure states corresponding to executions. Along the lines of this paper, we illustrate our definitions by considering access control policies defined as properties over states and flow properties over executions of a system.
Document type :
Conference papers
Liste complète des métadonnées
Contributor : Radoniaina Andriatsimandefitra <>
Submitted on : Monday, November 17, 2014 - 11:25:32 AM
Last modification on : Thursday, March 21, 2019 - 2:41:50 PM

Links full text



Mathieu Jaume, Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong, Ludovic Mé. Secure states versus Secure executions: From access control to flow control. ICISS 2013 - 9th International Conference on Information Systems Security, Dec 2013, Calcutta, India. pp.148-162, ⟨10.1007/978-3-642-45204-8_11⟩. ⟨hal-01083384⟩



Record views