{"title":"海报:对DIFC政策进行正式验证","authors":"Zhi Yang, Lihua Yin, Miyi Duan, Shuyuan Jin","doi":"10.1145/2046707.2093515","DOIUrl":null,"url":null,"abstract":"Decentralized information flow control (DIFC) is a recent important innovation with flexible mechanisms to improve the availability of traditional information flow models. However, the flexibility of DIFC models also makes specifying and managing DIFC policies a challenging problem. The formal policy verification techniques can improve the current state of the art of policy specification and management. We show that in general these problems of policy verification of the main DIFC systems are NP-hard, and show that several subcases remain NP-complete. We also propose an approach of model checking to solve these problems. Experiments are presented to show that this approach is effective.","PeriodicalId":72687,"journal":{"name":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","volume":"44 1","pages":"873-876"},"PeriodicalIF":0.0000,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Poster: towards formal verification of DIFC policies\",\"authors\":\"Zhi Yang, Lihua Yin, Miyi Duan, Shuyuan Jin\",\"doi\":\"10.1145/2046707.2093515\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Decentralized information flow control (DIFC) is a recent important innovation with flexible mechanisms to improve the availability of traditional information flow models. However, the flexibility of DIFC models also makes specifying and managing DIFC policies a challenging problem. The formal policy verification techniques can improve the current state of the art of policy specification and management. We show that in general these problems of policy verification of the main DIFC systems are NP-hard, and show that several subcases remain NP-complete. We also propose an approach of model checking to solve these problems. Experiments are presented to show that this approach is effective.\",\"PeriodicalId\":72687,\"journal\":{\"name\":\"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security\",\"volume\":\"44 1\",\"pages\":\"873-876\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-10-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2046707.2093515\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Conference on Computer and Communications Security : proceedings of the ... conference on computer and communications security. ACM Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2046707.2093515","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Poster: towards formal verification of DIFC policies
Decentralized information flow control (DIFC) is a recent important innovation with flexible mechanisms to improve the availability of traditional information flow models. However, the flexibility of DIFC models also makes specifying and managing DIFC policies a challenging problem. The formal policy verification techniques can improve the current state of the art of policy specification and management. We show that in general these problems of policy verification of the main DIFC systems are NP-hard, and show that several subcases remain NP-complete. We also propose an approach of model checking to solve these problems. Experiments are presented to show that this approach is effective.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
