English

Using Architecture to Reason about Information Security

Cryptography and Security 2016-01-05 v1 Logic in Computer Science

Abstract

We demonstrate, by a number of examples, that information-flow security properties can be proved from abstract architectural descriptions, that describe only the causal structure of a system and local properties of trusted components. We specify these architectural descriptions of systems by generalizing intransitive noninterference policies to admit the ability to filter information passed between communicating domains. A notion of refinement of such system architectures is developed that supports top-down development of architectural specifications and proofs by abstraction of information security properties. We also show that, in a concrete setting where the causal structure is enforced by access control, a static check of the access control setting plus local verification of the trusted components is sufficient to prove that a generalized intransitive noninterference policy is satisfied.

Keywords

Cite

@article{arxiv.1409.0309,
  title  = {Using Architecture to Reason about Information Security},
  author = {Stephen Chong and Ron van der Meyden},
  journal= {arXiv preprint arXiv:1409.0309},
  year   = {2016}
}
R2 v1 2026-06-22T05:45:13.376Z