Hyperproperties

被引:343
作者
Clarkson, Michael [1 ]
Schneider, Fred [1 ]
机构
[1] Cornell Univ, Dept Comp Sci, Ithaca, NY 14853 USA
来源
JOURNAL OF COMPUTER SECURITY | 2010年 / 18卷 / 06期
基金
美国国家科学基金会;
关键词
Security policies; information flow; safety; liveness;
D O I
10.3233/JCS-2009-0393
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Trace properties, which have long been used for reasoning about systems, are sets of execution traces. Hyperproperties, introduced here, are sets of trace properties. Hyperproperties can express security policies, such as secure information flow and service level agreements, that trace properties cannot. Safety and liveness are generalized to hyperproperties, and every hyperproperty is shown to be the intersection of a safety hyperproperty and a liveness hyperproperty. A verification technique for safety hyperproperties is given and is shown to generalize prior techniques for verifying secure information flow. Refinement is shown to be applicable with safety hyperproperties. A topological characterization of hyperproperties is given.
引用
收藏
页码:1157 / 1210
页数:54
相关论文
共 66 条
  • [1] THE EXISTENCE OF REFINEMENT MAPPINGS
    ABADI, M
    LAMPORT, L
    [J]. THEORETICAL COMPUTER SCIENCE, 1991, 82 (02) : 253 - 284
  • [2] COMPOSING SPECIFICATIONS
    ABADI, M
    LAMPORT, L
    [J]. ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, 1993, 15 (01): : 73 - 132
  • [3] DOMAIN THEORY IN LOGICAL FORM
    ABRAMSKY, S
    [J]. ANNALS OF PURE AND APPLIED LOGIC, 1991, 51 (1-2) : 1 - 77
  • [4] DEFINING LIVENESS
    ALPERN, B
    SCHNEIDER, FB
    [J]. INFORMATION PROCESSING LETTERS, 1985, 21 (04) : 181 - 185
  • [5] RECOGNIZING SAFETY AND LIVENESS
    ALPERN, B
    SCHNEIDER, FB
    [J]. DISTRIBUTED COMPUTING, 1987, 2 (03) : 117 - 126
  • [6] A security policy model for clinical information systems
    Anderson, RJ
    [J]. 1996 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 1996, : 30 - 43
  • [7] [Anonymous], 2005, CCMB200609001
  • [8] ON CORRECT REFINEMENT OF PROGRAMS
    BACK, RJR
    [J]. JOURNAL OF COMPUTER AND SYSTEM SCIENCES, 1981, 23 (01) : 49 - 68
  • [9] Secure information flow by self-composition
    Barthe, G
    D'Argenio, PR
    Rezk, T
    [J]. 17TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP, PROCEEDINGS, 2004, : 100 - 114
  • [10] Refinement operators and information flow security
    Bossi, A
    Focardi, R
    Piazza, C
    Rossi, S
    [J]. FIRST INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND FORMAL METHODS, PROCEEDINGS, 2003, : 44 - 53
1234567