Exploiting generic aspects of security models in formal developments
Publication type
Book part
Publication date
2005
Language
English
Author
Mantel, Heiko
First published in
Number in series
2605 LNAI
Start Page
452
End Page
475
Citation
Lecture Notes in Computer Science 2605: 452-475 (2005)
Publisher DOI
Scopus ID
Publisher
Springer
ISBN
978-3-540-32254-2
978-3-540-25051-7
The construction of security models from scratch is a difficult, time-consuming, and expensive task. In this article, we demonstrate how to exploit generic concepts, in particular the concept of secure information flow, to simplify the construction of security models. Requirements concerned with confidentiality or integrity can often be expressed nicely as restrictions on the allowed flow of information. For a verification of these restrictions, it is necessary to explicate formally what information flow means. Various information flow properties have been suggested for this purpose and we employ MAKS, the "Modular Assembly Kit for Security" [Man00a], for a unified perspective on these properties. How to exploit the generic security models based on secure information flow in practice is described in the context of the VSE system [AHL+00]. © Springer-Verlag Berlin Heidelberg 2005.
DDC Class
004: Computer science