In the recent years, many formalizations of security properties have been proposed, most of which are based on different underlying models and are consequently difficult to compare. A classification of security properties is thus of interest for understanding the relationships among different definitions and for evaluating the relative merits. In this paper, many non-interference-like properties proposed for computer security are classified and compared in a unifying framework. The resulting taxonomy is evaluated through some case studies of access control in computer systems. The approach has been mechanized, resulting in the tool CoSeC. Various extensions (e.g., the application to cryptographic protocol analysis) and open problems are discussed.
|Data di pubblicazione:||2001|
|Titolo:||Classification of Security Properties (Part I: Information Flow)|
|Titolo del libro:||Foundations of Security Analysis and Design|
|Appare nelle tipologie:||3.1 Articolo su libro|