{"title":"分布式系统中信息流安全的标记移动环境模型","authors":"N. Kumar, R. Shyamasundar","doi":"10.1145/2799979.2800012","DOIUrl":null,"url":null,"abstract":"Lattice model of secure information flow (referred as LIFS) is the foundation for building secure systems. In this paper, we capture the lattice model of security for mobility in a distributed setup using the formalism of Mobile Ambient calculus (MA) that has been widely used to model mobility and concurrency. Our model, referred to as Labelled Mobile Ambients (LMA), assigns labels to ambients for tracking information flow in the system, and provides semantics for preserving the distributed information flow policy specified by the labels. While there exist variants of the mobile ambient calculus for modelling application specific aspects of mandatory access control like confidentiality and integrity in the literature, our LMA model subsumes these models by capturing confidentiality and integrity as special cases of information flow properties. Thus, the LMA model enables a wide range of applications with complex security requirements, and permits a simple static analysis to establish whether the system violates information flow policy. A relative comparison to other prominent works is provided highlighting the merits of our LMA.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Labelled mobile ambients model for information flow security in distributed systems\",\"authors\":\"N. Kumar, R. Shyamasundar\",\"doi\":\"10.1145/2799979.2800012\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Lattice model of secure information flow (referred as LIFS) is the foundation for building secure systems. In this paper, we capture the lattice model of security for mobility in a distributed setup using the formalism of Mobile Ambient calculus (MA) that has been widely used to model mobility and concurrency. Our model, referred to as Labelled Mobile Ambients (LMA), assigns labels to ambients for tracking information flow in the system, and provides semantics for preserving the distributed information flow policy specified by the labels. While there exist variants of the mobile ambient calculus for modelling application specific aspects of mandatory access control like confidentiality and integrity in the literature, our LMA model subsumes these models by capturing confidentiality and integrity as special cases of information flow properties. Thus, the LMA model enables a wide range of applications with complex security requirements, and permits a simple static analysis to establish whether the system violates information flow policy. A relative comparison to other prominent works is provided highlighting the merits of our LMA.\",\"PeriodicalId\":293190,\"journal\":{\"name\":\"Proceedings of the 8th International Conference on Security of Information and Networks\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 8th International Conference on Security of Information and Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2799979.2800012\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 8th International Conference on Security of Information and Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2799979.2800012","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
安全信息流的点阵模型(LIFS)是构建安全系统的基础。在本文中,我们使用移动环境演算(MA)的形式化来捕获分布式设置中移动安全性的格模型,该模型已被广泛用于建模移动和并发性。我们的模型被称为标签移动环境(labeled Mobile Ambients, LMA),它为环境分配标签以跟踪系统中的信息流,并提供语义以保留标签指定的分布式信息流策略。虽然在文献中存在用于对强制访问控制的应用特定方面(如机密性和完整性)建模的移动环境演算的变体,但我们的LMA模型通过捕获机密性和完整性作为信息流属性的特殊情况来包含这些模型。因此,LMA模型支持具有复杂安全需求的广泛应用程序,并允许简单的静态分析来确定系统是否违反信息流策略。并与其他著名著作作了比较,突出了我们的LMA的优点。
Labelled mobile ambients model for information flow security in distributed systems
Lattice model of secure information flow (referred as LIFS) is the foundation for building secure systems. In this paper, we capture the lattice model of security for mobility in a distributed setup using the formalism of Mobile Ambient calculus (MA) that has been widely used to model mobility and concurrency. Our model, referred to as Labelled Mobile Ambients (LMA), assigns labels to ambients for tracking information flow in the system, and provides semantics for preserving the distributed information flow policy specified by the labels. While there exist variants of the mobile ambient calculus for modelling application specific aspects of mandatory access control like confidentiality and integrity in the literature, our LMA model subsumes these models by capturing confidentiality and integrity as special cases of information flow properties. Thus, the LMA model enables a wide range of applications with complex security requirements, and permits a simple static analysis to establish whether the system violates information flow policy. A relative comparison to other prominent works is provided highlighting the merits of our LMA.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
