Automated Detection of Information Leakage in Access Control

Anderson Santana de Oliveira 1 Charles Morisset 2
1 PROTHEO - Constraints, automatic deduction and software properties proofs
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
2 SPI - Sémantiques, preuves et implantation
LIP6 - Laboratoire d'Informatique de Paris 6
Abstract : The prevention of information flow is an important concern in several access control models. Even though this property is stated in the model specification, it is not easy to verify it in the actual implementation of a given security policy. In this paper we model-check rewrite-based implementations of access control policies. We propose a general algorithm that allows one to automatically identify information leakage. We apply our approach to the well-known security model of Bell and LaPadula and show that its generalization proposed by McLean does not protect a system against information leakage.
Document type :
Conference papers
Complete list of metadatas

https://hal.inria.fr/inria-00185713
Contributor : Anderson Santana de Oliveira <>
Submitted on : Tuesday, November 6, 2007 - 6:45:13 PM
Last modification on : Thursday, March 21, 2019 - 1:09:40 PM

Identifiers

  • HAL Id : inria-00185713, version 1

Citation

Anderson Santana de Oliveira, Charles Morisset. Automated Detection of Information Leakage in Access Control. Second International Workshop on Security and Rewriting Techniques - SecReT 2007, Jun 2007, Paris, France. ⟨inria-00185713⟩

Share

Metrics

Record views

219