Timing-Sensitive Information Flow Analysis for Synchronous Systems

Author(s): Boris Köpf, David Basin

2019, Vol 24 (2), pp. 64
Author(s): Ali A. Noroozi, Jaber Karimpour, Ayaz Isazadeh

Preserving the confidentiality of information is a growing concern in software development. Secure information flow is intended to maintain the confidentiality of sensitive information by preventing it from flowing to attackers. This paper discusses how to ensure confidentiality for multi-threaded programs through a property called observational determinism. The operational semantics of multi-threaded programs are modeled using Kripke structures. Observational determinism is formalized in terms of divergence weak low-bisimulation. Bisimulation is an equivalence relation associating executions that simulate each other. The new property is called bisimulation-based observational determinism. Furthermore, a model checking method is proposed to verify the new property and ensure that secure information flow holds in a multi-threaded program. The model checking method successively refines the Kripke model of the program until the quotient of the model with respect to divergence weak low-bisimulation is reached. Then, bisimulation-based observational determinism is checked on the quotient, which is a minimized model of the concrete Kripke model. The time complexity of the proposed method is polynomial in the size of the Kripke model. The proposed approach has been implemented on top of PRISM, a probabilistic model checking tool. Finally, a case study is discussed to show the applicability of the proposed approach.


2016, Vol 4 (1), pp. 40-55
Author(s): Yinghui Yang, Jianhua Li, Qingwei Meng, Mingli Nan

Abstract: To strengthen operational process analysis and normalize the description of information requirements in systemic operations based on information systems, a new operational architecture modeling method is proposed from the perspective of information flow analysis. An operational architecture modeling framework based on information flow analysis is established by referring to the US Department of Defense Architecture Framework (DoDAF V2.0). Concepts of entities, relationships, attributes and mapping rules are defined. An operational activity model, an operational node model and an information alternation model are constructed. Finally, an aerial assault operation is taken as an example to demonstrate the modeling process. Simulation results show that operational process analysis is more refined and information requirement descriptions are more visible, normalized and clear, which validates the feasibility and validity of the method and models.

