Towards confidentiality-by-construction

Ina Schaefer; Tobias Runge; Alexander Knüppel; Loek Cleophas; Derrick Kourie; Bruce W. Watson

doi:10.1007/978-3-030-03418-4_30

Towards confidentiality-by-construction

Ina Schaefer, Tobias Runge, Alexander Knüppel, Loek Cleophas, Derrick Kourie, Bruce W. Watson

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

4 Citations (Scopus)

Abstract

Guaranteeing that information processed in computing systems remains confidential is vital for many software applications. To this end, language-based security mechanisms enforce fine-grained access control policies for program variables to prevent secret information from leaking through unauthorized access. However, approaches for language-based security by information flow control mostly work post-hoc, classifying programs into whether they comply with information flow policies or not after the program has been constructed. Means for constructing programs that satisfy given information flow control policies are still missing. Following the correctness-by-construction approach, we propose a development method for specifying information flow policies first and constructing programs satisfying these policies subsequently. We replace functional pre- and postcondition specifications with confidentiality properties and define rules to derive new confidentiality specifications for each refining program construct. We discuss possible extensions including initial ideas for tool support. Applying correctness-by-construction techniques to confidentiality properties constitutes a first step towards security-by-construction.

Original language	English
Title of host publication	Leveraging Applications of Formal Methods, Verification and Validation. Modeling - 8th International Symposium, ISoLA 2018, Proceedings
Editors	Bernhard Steffen, Tiziana Margaria
Publisher	Springer
Pages	502-515
Number of pages	14
ISBN (Print)	9783030034177
DOIs	https://doi.org/10.1007/978-3-030-03418-4_30
Publication status	Published - 1 Jan 2018
Event	8th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation, (ISoLA 2018) - Limassol, Cyprus Duration: 5 Nov 2018 → 9 Nov 2018 http://www.isola-conference.org/isola2018/

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11244 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	8th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation, (ISoLA 2018)
Abbreviated title	ISoLA2018
Country/Territory	Cyprus
City	Limassol
Period	5/11/18 → 9/11/18
Internet address	http://www.isola-conference.org/isola2018/

Access to Document

10.1007/978-3-030-03418-4_30

Cite this

Schaefer, I., Runge, T., Knüppel, A., Cleophas, L., Kourie, D., & Watson, B. W. (2018). Towards confidentiality-by-construction. In B. Steffen, & T. Margaria (Eds.), Leveraging Applications of Formal Methods, Verification and Validation. Modeling - 8th International Symposium, ISoLA 2018, Proceedings (pp. 502-515). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11244 LNCS). Springer. https://doi.org/10.1007/978-3-030-03418-4_30

Schaefer, Ina ; Runge, Tobias ; Knüppel, Alexander ; Cleophas, Loek ; Kourie, Derrick ; Watson, Bruce W. / Towards confidentiality-by-construction. Leveraging Applications of Formal Methods, Verification and Validation. Modeling - 8th International Symposium, ISoLA 2018, Proceedings. editor / Bernhard Steffen ; Tiziana Margaria. Springer, 2018. pp. 502-515 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{826a209dcafc4597826779a05dbd9d97,

title = "Towards confidentiality-by-construction",

abstract = "Guaranteeing that information processed in computing systems remains confidential is vital for many software applications. To this end, language-based security mechanisms enforce fine-grained access control policies for program variables to prevent secret information from leaking through unauthorized access. However, approaches for language-based security by information flow control mostly work post-hoc, classifying programs into whether they comply with information flow policies or not after the program has been constructed. Means for constructing programs that satisfy given information flow control policies are still missing. Following the correctness-by-construction approach, we propose a development method for specifying information flow policies first and constructing programs satisfying these policies subsequently. We replace functional pre- and postcondition specifications with confidentiality properties and define rules to derive new confidentiality specifications for each refining program construct. We discuss possible extensions including initial ideas for tool support. Applying correctness-by-construction techniques to confidentiality properties constitutes a first step towards security-by-construction.",

author = "Ina Schaefer and Tobias Runge and Alexander Kn{\"u}ppel and Loek Cleophas and Derrick Kourie and Watson, {Bruce W.}",

year = "2018",

month = jan,

day = "1",

doi = "10.1007/978-3-030-03418-4_30",

language = "English",

isbn = "9783030034177",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "502--515",

editor = "Bernhard Steffen and Tiziana Margaria",

booktitle = "Leveraging Applications of Formal Methods, Verification and Validation. Modeling - 8th International Symposium, ISoLA 2018, Proceedings",

address = "Germany",

note = "8th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation, (ISoLA 2018), ISoLA2018 ; Conference date: 05-11-2018 Through 09-11-2018",

url = "http://www.isola-conference.org/isola2018/",

}

Schaefer, I, Runge, T, Knüppel, A, Cleophas, L, Kourie, D & Watson, BW 2018, Towards confidentiality-by-construction. in B Steffen & T Margaria (eds), Leveraging Applications of Formal Methods, Verification and Validation. Modeling - 8th International Symposium, ISoLA 2018, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11244 LNCS, Springer, pp. 502-515, 8th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation, (ISoLA 2018), Limassol, Cyprus, 5/11/18. https://doi.org/10.1007/978-3-030-03418-4_30

Towards confidentiality-by-construction. / Schaefer, Ina; Runge, Tobias; Knüppel, Alexander; Cleophas, Loek; Kourie, Derrick; Watson, Bruce W.

Leveraging Applications of Formal Methods, Verification and Validation. Modeling - 8th International Symposium, ISoLA 2018, Proceedings. ed. / Bernhard Steffen; Tiziana Margaria. Springer, 2018. p. 502-515 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11244 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Towards confidentiality-by-construction

AU - Schaefer, Ina

AU - Runge, Tobias

AU - Knüppel, Alexander

AU - Cleophas, Loek

AU - Kourie, Derrick

AU - Watson, Bruce W.

PY - 2018/1/1

Y1 - 2018/1/1

N2 - Guaranteeing that information processed in computing systems remains confidential is vital for many software applications. To this end, language-based security mechanisms enforce fine-grained access control policies for program variables to prevent secret information from leaking through unauthorized access. However, approaches for language-based security by information flow control mostly work post-hoc, classifying programs into whether they comply with information flow policies or not after the program has been constructed. Means for constructing programs that satisfy given information flow control policies are still missing. Following the correctness-by-construction approach, we propose a development method for specifying information flow policies first and constructing programs satisfying these policies subsequently. We replace functional pre- and postcondition specifications with confidentiality properties and define rules to derive new confidentiality specifications for each refining program construct. We discuss possible extensions including initial ideas for tool support. Applying correctness-by-construction techniques to confidentiality properties constitutes a first step towards security-by-construction.

AB - Guaranteeing that information processed in computing systems remains confidential is vital for many software applications. To this end, language-based security mechanisms enforce fine-grained access control policies for program variables to prevent secret information from leaking through unauthorized access. However, approaches for language-based security by information flow control mostly work post-hoc, classifying programs into whether they comply with information flow policies or not after the program has been constructed. Means for constructing programs that satisfy given information flow control policies are still missing. Following the correctness-by-construction approach, we propose a development method for specifying information flow policies first and constructing programs satisfying these policies subsequently. We replace functional pre- and postcondition specifications with confidentiality properties and define rules to derive new confidentiality specifications for each refining program construct. We discuss possible extensions including initial ideas for tool support. Applying correctness-by-construction techniques to confidentiality properties constitutes a first step towards security-by-construction.

UR - http://www.scopus.com/inward/record.url?scp=85056479564&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-03418-4_30

DO - 10.1007/978-3-030-03418-4_30

M3 - Conference contribution

AN - SCOPUS:85056479564

SN - 9783030034177

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 502

EP - 515

BT - Leveraging Applications of Formal Methods, Verification and Validation. Modeling - 8th International Symposium, ISoLA 2018, Proceedings

A2 - Steffen, Bernhard

A2 - Margaria, Tiziana

PB - Springer

T2 - 8th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation, (ISoLA 2018)

Y2 - 5 November 2018 through 9 November 2018

ER -

Schaefer I, Runge T, Knüppel A, Cleophas L, Kourie D, Watson BW. Towards confidentiality-by-construction. In Steffen B, Margaria T, editors, Leveraging Applications of Formal Methods, Verification and Validation. Modeling - 8th International Symposium, ISoLA 2018, Proceedings. Springer. 2018. p. 502-515. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-030-03418-4_30

Towards confidentiality-by-construction

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this