We study information flow security in the setting of mobile agents. We propose a sufficient condi- tion to security named Persistent_BNDC. A process is Persistent_BNDC when every of its reachable states satisfies a basic Non-Interference property called BNDC. By imposing that security persists during process execution, one is guaranteed that every potential migration is performed in a stable, secure state. We define a suitable bisimulation-based equivalence relation among processes, that allows us to express the new property as a single equivalence check, thus avoiding the universal quantifications over all the reachable states (required by Persistent_BNDC) and over all the possible hostile environments (implicit in the basic Non-Interference property BNDC). We prove that Persistent_BNDC is a sufficient condition to the security of mobile agents by (i) giving a sound and complete characterization of Persistent_BNDC in terms of dynamic contexts, i.e., execution contexts that can non-deterministically change at run-time, abstractly modelling arbitrary migrations; (ii) showing that Persistent_BNDC implies information flow security when agent mobility is explicitly expressed in the calculus.
Information Flow Security in Dynamic Contexts
FOCARDI, Riccardo;ROSSI, Sabina
2006-01-01
Abstract
We study information flow security in the setting of mobile agents. We propose a sufficient condi- tion to security named Persistent_BNDC. A process is Persistent_BNDC when every of its reachable states satisfies a basic Non-Interference property called BNDC. By imposing that security persists during process execution, one is guaranteed that every potential migration is performed in a stable, secure state. We define a suitable bisimulation-based equivalence relation among processes, that allows us to express the new property as a single equivalence check, thus avoiding the universal quantifications over all the reachable states (required by Persistent_BNDC) and over all the possible hostile environments (implicit in the basic Non-Interference property BNDC). We prove that Persistent_BNDC is a sufficient condition to the security of mobile agents by (i) giving a sound and complete characterization of Persistent_BNDC in terms of dynamic contexts, i.e., execution contexts that can non-deterministically change at run-time, abstractly modelling arbitrary migrations; (ii) showing that Persistent_BNDC implies information flow security when agent mobility is explicitly expressed in the calculus.
| File | Dimensione | Formato | |
|---|---|---|---|
|
JCS06.pdf
non disponibili
Tipologia:
Documento in Post-print
Licenza:
Accesso chiuso-personale
Dimensione
556.11 kB
Formato
Adobe PDF
|
556.11 kB | Adobe PDF | Visualizza/Apri |
I documenti in ARCA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
