Advertisement

Abstractions Preserving Parameter Confidentiality

  • Sigrid Gürgens
  • Peter Ochsenschläger
  • Carsten Rudolph
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3679)

Abstract

Confidentiality of certain parameters is an essential security requirement for many security sensitive applications. In this paper, conditions for abstractions are formulated in terms of formal language theory to be able to prove parameter confidentiality in an abstract view of a system and then conclude that an adequate representation of the property is satisfied in the refined system as well. These conditions essentially depend on an agent’s view as well as on an agent’s initial knowledge of the system behaviour, which explicitely formalizes assumptions about the system.

Keywords

Formal Language Security Property Label Transition System Abstract System Local View 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Abadi, M., Tuttle, M.R.: A Semantics for a Logic of Authentication. In: Tenth Annual ACM Symposium on Principles of Distributed Computing, Montreal, Canada, pp. 201–216 (August 1991)Google Scholar
  2. 2.
    Agudo, I., Gürgens, S., Lopez, J.: Casenet: One year later. In: 18th IFIP International Information Security Conference 2003, Athens, Greece (2003)Google Scholar
  3. 3.
    Burrows, M., Abadi, M., Needham, R.: A Logic of Authentication. ACM Transactions on Computer Systems 8 (1990)Google Scholar
  4. 4.
    CASENET. IST project, 2001-32446, http://www.casenet-eu.org/
  5. 5.
    Eilenberg, S.: Automata, Languages and Machines. Academic Press, New York (1974)zbMATHGoogle Scholar
  6. 6.
    Gürgens, S., Ochsenschläger, P., Rudolph, C.: Parameter confidentiality. In: Informatik 2003 - Teiltagung Sicherheit. Gesellschaft für Informatik (2003)Google Scholar
  7. 7.
    Gürgens, S., Ochsenschläger, P., Rudolph, C.: On a formal framework for security properties. International Computer Standards & Interface Journal (CSI), Special issue on formal methods, techniques and tools for secure and reliable applications (2005)Google Scholar
  8. 8.
    Heisel, M., Pfitzmann, A., Santen, T.: Confidentiality-preserving refinement. In: Proceedings of the 14th IEEE Computer Security Foundations Workshop, pp. 295–305. IEEE Computer Society Press, Los Alamitos (2001)CrossRefGoogle Scholar
  9. 9.
    Jacob, J.: Basic Theorems About Security. Journal of Computer Security 1(4), 385–411 (1992)Google Scholar
  10. 10.
    Jürjens, J.: Secrecy-preserving Refinement. In: Formal Methods Europe 2001, LNCS. SV (2001)Google Scholar
  11. 11.
    Mantel, H.: Possibilistic definitions of security – an assembly kit. In: Proceedings of the IEEE Computer Security Foundations Workshop, pp. 185–199 (2000)Google Scholar
  12. 12.
    Mantel, H.: Preserving Information Flow Properties under Refinement. In: IEEE Symposium on Security and Privacy, Oakland, pp. 78–91. IEEE Computer Science, Los Alamitos (2001)Google Scholar
  13. 13.
    Paulson, L.C.: Proving Properties of Security Protocols by Induction. Technical Report 409, Computer Laboratory, University of Cambridg (1996)Google Scholar
  14. 14.
    Wedel, G., Kessler, V.: Formal Semantics for Authentication Logics. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 219–241. Springer, Heidelberg (1996)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Sigrid Gürgens
    • 1
  • Peter Ochsenschläger
    • 1
  • Carsten Rudolph
    • 1
  1. 1.Fraunhofer-Institute for Secure Information Technology SITGermany

Personalised recommendations