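@comment{Doctoral thesis record. Author stored in "Last, First" form so
  BibTeX parses the surname unambiguously; the soft hyphens that split
  "non-interference" / "non-interferent" across lines in the abstract are
  rejoined so the field renders without a stray "non- interference".}
@phdthesis{Greiner2018PhD,
  author   = {Greiner, Simon},
  title    = {A Framework for Non-Interference in Component-Based Systems},
  school   = {Karlsruhe Institute of Technology},
  year     = {2018},
  month    = apr,
  doi      = {10.5445/IR/1000082042},
  abstract = {In this thesis, we present a novel and general framework for
    non-interference in component-based systems. By exploiting
    restrictions to the programming model of component-based systems
    the framework allows a very precise specification of intended
    information flows in a system. The partition of inputs and
    outputs into high and low values is based on equivalence
    relations and thus allows the classification of partial
    information and the existence of service calls to be secret or
    public. The resulting non-interference property is compositional,
    a central requirement in the case of component-based systems.
    \newline
    Further, we present as part of the framework a notion of
    non-interference as a services-local information flow property and
    show that non-interferent services can be composed in
    non-interferent components. As a result, it is sufficient to analyze
    the security of services, i.e. small and often relatively simple
    programs, in order to gain a security guarantee for entire components
    and component-based systems. We introduce the idea of dependency
    clusters as service-local, attacker-independent, and
    compositional building blocks for information flow
    specifications and show how these dependency clusters can be
    used to gain system-wide security guarantees. Dependency
    clusters are especially useful in the context of evolving
    components, since they allow to reduce the overhead of software
    analysis when re-using components in new environments, or adding,
    removing or changing services.},
}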
A Framework for Non-Interference in Component-Based Systems
| Author(s): | Simon Greiner |
|---|---|
| School: | Karlsruhe Institute of Technology |
| Year: | 2018 |
| DOI: | 10.5445/IR/1000082042 |
Abstract
In this thesis, we present a novel and general framework for
non-interference in component-based systems. By exploiting
restrictions to the programming model of component-based systems
the framework allows a very precise specification of intended
information flows in a system. The partition of inputs and
outputs into high and low values is based on equivalence
relations and thus allows the classification of partial
information and the existence of service calls to be secret or
public. The resulting non-interference property is compositional,
a central requirement in the case of component-based systems.
Further, we present as part of the framework a notion of non-interference
as a services-local information flow property and
show that non-interferent services can be composed in non-interferent
components. As a result, it is sufficient to analyze
the security of services, i.e. small and often relatively simple
programs, in order to gain a security guarantee for entire components
and component-based systems. We introduce the idea of dependency
clusters as service-local, attacker-independent, and
compositional building blocks for information flow
specifications and show how these dependency clusters can be
used to gain system-wide security guarantees. Dependency
clusters are especially useful in the context of evolving
components, since they make it possible to reduce the overhead of software
analysis when re-using components in new environments, or when adding,
removing or changing services.