Browse by author
Lookup NU author(s): Professor Peter Ryan
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
Characterising the fundamental concepts of information security, such as confidentiality and authentication, has proved problematic from the outset and remains controversial to this day. Non-interference was proposed some 25 years ago to give a precise, formal characterisation of the absence of information flows through a system, motivated in large part by the discovery of covert channels in access control models such as Bell-LaPadula. Intuitively, it asserts that altering Highs interactions with a system should not result in any observable difference in Lows interactions with the system. Superficially it appears to be a very natural and compelling concept but it turns out to harbor some surprising subtleties. Over the years various models of computation have been used to formalise non-interference. Typically these floundered on non-determinism, "input/output" distinctions, input totality and so forth. In the late 80's and early 90's, process algebras, in particular CSP, were applied to information security. In this talk I will briefly overview this approach and discuss how the concepts and results from process algebra shed light on these haunted corners of non-interference, including the role of non-determinism, unwinding results, composition, refinement and input/output distinctions. In particular, we argue that the absence of information flow can be characterised in terms of process equivalence, itself a delicate and fundamental concept. © Springer-Verlag Berlin Heidelberg 2005.
Author(s): Ryan P
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: Communicating Sequential Processes. The First 25 Years. Symposium on the Occasion of 25 Years of CSP
Year of Conference: 2005
Notes: book doi: 10.1007/b136154
Library holdings: Search Newcastle University Library for this item
Series Title: Lecture Notes in Computer Science