A Framework for Non-Interference in Component-Based Systems

PhD Thesis

Author(s): Simon Greiner
School: Karlsruhe Institute of Technology
Year: 2018
DOI: 10.5445/IR/1000082042

Abstract

In this thesis, we present a novel and general framework for non-interference in component-based systems. By exploiting restrictions of the programming model of component-based systems, the framework allows a very precise specification of the intended information flows in a system. The partition of inputs and outputs into high and low values is based on equivalence relations and thus allows partial information, as well as the existence of service calls, to be classified as secret or public. The resulting non-interference property is compositional, a central requirement in the case of component-based systems.
Further, we present as part of the framework a notion of non-interference as a service-local information flow property and show that non-interferent services can be composed into non-interferent components. As a result, it is sufficient to analyze the security of services, i.e. small and often relatively simple programs, in order to gain a security guarantee for entire components and component-based systems. We introduce the idea of dependency clusters as service-local, attacker-independent, and compositional building blocks for information flow specifications and show how these dependency clusters can be used to gain system-wide security guarantees. Dependency clusters are especially useful in the context of evolving components, since they reduce the overhead of software analysis when re-using components in new environments, or when adding, removing or changing services.
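As an added illustration, not code from the thesis (whose formal definitions are not reproduced on this page), the following Python sketch checks a single service against equivalence relations on inputs and outputs in the way the abstract describes: two inputs that the input relation equates are indistinguishable to the attacker, and the service passes if every such pair yields outputs that the output relation equates. The service, relations and balance domain are constructed for the example; the output relation makes the result and which callees were invoked public while keeping call arguments secret, so it classifies both partial information and the existence of service calls.

```python
from itertools import product
from typing import Any, Callable, Iterable, Optional, Tuple

Relation = Callable[[Any, Any], bool]

def check_non_interference(service: Callable[[Any], Any], inputs: Iterable[Any],
                           low_in: Relation, low_out: Relation
                           ) -> Tuple[bool, Optional[Tuple[Any, Any]]]:
    """Brute-force check over a finite input domain: for every pair of inputs the
    attacker cannot tell apart (low_in), the outputs must also be indistinguishable
    (low_out). Returns (True, None) or (False, witness pair)."""
    inputs = list(inputs)
    for a, b in product(inputs, repeat=2):
        if low_in(a, b) and not low_out(service(a), service(b)):
            return False, (a, b)
    return True, None

# Constructed input relation: the attacker learns only the sign of the balance,
# so the sign is public and everything else about the balance is secret.
def same_sign(x: int, y: int) -> bool:
    return (x >= 0) == (y >= 0)

# Constructed output relation over (result, trace) pairs. The result and the
# sequence of callees are public; the arguments passed to callees are secret.
def same_result_and_callees(o1, o2) -> bool:
    (r1, t1), (r2, t2) = o1, o2
    return r1 == r2 and [c for c, _ in t1] == [c for c, _ in t2]

def authorize(balance: int):
    """Non-interferent: the decision depends only on the sign, and the audit
    call always happens (its secret argument is hidden by the output relation)."""
    trace = [("audit_log", balance)]
    return ("ok" if balance >= 0 else "declined", trace)

def authorize_leaky(balance: int):
    """Interfering: whether vip_notify is called reveals balance > 1000, which
    the input relation classifies as secret."""
    trace = [("audit_log", balance)]
    if balance > 1000:
        trace.append(("vip_notify", balance))
    return ("ok" if balance >= 0 else "declined", trace)

BALANCES = range(-1500, 1600, 100)  # constructed finite input domain

if __name__ == "__main__":
    print(check_non_interference(authorize, BALANCES, same_sign, same_result_and_callees))
    print(check_non_interference(authorize_leaky, BALANCES, same_sign, same_result_and_callees))
```

The witness pair returned for the leaky service is two balances with the same sign that differ only in the secret threshold, which is exactly the distinction the call trace exposes.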

BibTeX

@phdthesis{Greiner2018PhD,
  author    = {Simon Greiner},
  title     = {A Framework for Non-Interference in Component-Based Systems},
  school    = {Karlsruhe Institute of Technology},
  year      = {2018},
  month     = apr,
  doi       = {10.5445/IR/1000082042},
  abstract  = {In this thesis, we present a novel and general framework for
               non-interference in component-based systems. By exploiting
               restrictions of the programming model of component-based systems,
               the framework allows a very precise specification of the intended
               information flows in a system. The partition of inputs and
               outputs into high and low values is based on equivalence
               relations and thus allows partial information, as well as the
               existence of service calls, to be classified as secret or
               public. The resulting non-interference property is compositional,
               a central requirement in the case of component-based systems.
               \newline

               Further, we present as part of the framework a notion of
               non-interference as a service-local information flow property and
               show that non-interferent services can be composed into
               non-interferent components. As a result, it is sufficient to
               analyze the security of services, i.e. small and often relatively
               simple programs, in order to gain a security guarantee for entire
               components and component-based systems. We introduce the idea of
               dependency clusters as service-local, attacker-independent, and
               compositional building blocks for information flow
               specifications and show how these dependency clusters can be
               used to gain system-wide security guarantees. Dependency
               clusters are especially useful in the context of evolving
               components, since they reduce the overhead of software
               analysis when re-using components in new environments, or when
               adding, removing or changing services.}
}