Discretionary Information Flow Control for Interaction-Oriented Specifications

Alberto Lluch Lafuente; Flemming Nielson; Hanne Riis Nielson

doi:10.1007/978-3-319-23165-5_20

Discretionary Information Flow Control for Interaction-Oriented Specifications

Alberto Lluch Lafuente, Flemming Nielson, Hanne Riis Nielson

Department of Applied Mathematics and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Book chapter › Research › peer-review

221 Downloads (Pure)

Abstract

This paper presents an approach to specify and check discretionary information flow properties of concurrent systems. The approach is inspired by the success of the interaction-oriented paradigm to concurrent systems (cf. choreographies, behavioural types, protocols,...) in providing behavioural guarantees of global properties such as deadlock-absence. We show how some information flow properties are easier to formalise and check on a global interaction-oriented description of a concurrent system rather than on a local process-oriented description of the components of the system. We use a simple choreography description language adapted from the literature of choreographies and session types. We provide a generic method to instrument the semantics with information flow annotations. Policies are used to specify the admissible flows of information. The main contribution of the paper is a sound type system for statically checking if a system specification ensures an information flow policy. The approach is illustrated with two archetypal examples of distributed and parallel computing systems: a protocol for an identity-secured data providing service and a parallel MapReduce computation.

Original language	English
Title of host publication	Logic, Rewriting, and Concurrency : Essays Dedicated to José Meseguer on the Occasion of His 65th Birthday
Publisher	Springer
Publication date	2015
Pages	427-450
ISBN (Print)	978-3-319-23164-8
ISBN (Electronic)	978-3-319-23165-5
DOIs	https://doi.org/10.1007/978-3-319-23165-5_20
Publication status	Published - 2015

Series	Lecture Notes in Computer Science
Volume	9200
ISSN	0302-9743

Keywords

Information flow control
Discretionary access control
Choreographies
Communication protocols
Interaction-oriented computing
Parallel computing
Service-oriented computing
Highperformance computing

Cite this

Lluch Lafuente, A., Nielson, F., & Nielson, H. R. (2015). Discretionary Information Flow Control for Interaction-Oriented Specifications. In Logic, Rewriting, and Concurrency: Essays Dedicated to José Meseguer on the Occasion of His 65th Birthday (pp. 427-450). Springer. Lecture Notes in Computer Science, Vol.. 9200 https://doi.org/10.1007/978-3-319-23165-5_20

@inbook{5fa21f345eeb407d9dd780a523ff91cf,

title = "Discretionary Information Flow Control for Interaction-Oriented Specifications",

abstract = "This paper presents an approach to specify and check discretionary information flow properties of concurrent systems. The approach is inspired by the success of the interaction-oriented paradigm to concurrent systems (cf. choreographies, behavioural types, protocols,...) in providing behavioural guarantees of global properties such as deadlock-absence. We show how some information flow properties are easier to formalise and check on a global interaction-oriented description of a concurrent system rather than on a local process-oriented description of the components of the system. We use a simple choreography description language adapted from the literature of choreographies and session types. We provide a generic method to instrument the semantics with information flow annotations. Policies are used to specify the admissible flows of information. The main contribution of the paper is a sound type system for statically checking if a system specification ensures an information flow policy. The approach is illustrated with two archetypal examples of distributed and parallel computing systems: a protocol for an identity-secured data providing service and a parallel MapReduce computation.",

keywords = "Information flow control, Discretionary access control, Choreographies, Communication protocols, Interaction-oriented computing, Parallel computing, Service-oriented computing, Highperformance computing",

author = "{Lluch Lafuente}, Alberto and Flemming Nielson and Nielson, {Hanne Riis}",

year = "2015",

doi = "10.1007/978-3-319-23165-5_20",

language = "English",

isbn = "978-3-319-23164-8",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "427--450",

booktitle = "Logic, Rewriting, and Concurrency",

}

Discretionary Information Flow Control for Interaction-Oriented Specifications. / Lluch Lafuente, Alberto ; Nielson, Flemming ; Nielson, Hanne Riis.

Logic, Rewriting, and Concurrency: Essays Dedicated to José Meseguer on the Occasion of His 65th Birthday. Springer, 2015. p. 427-450 (Lecture Notes in Computer Science, Vol. 9200).

Research output: Chapter in Book/Report/Conference proceeding › Book chapter › Research › peer-review

TY - CHAP

T1 - Discretionary Information Flow Control for Interaction-Oriented Specifications

AU - Lluch Lafuente, Alberto

AU - Nielson, Flemming

AU - Nielson, Hanne Riis

PY - 2015

Y1 - 2015

N2 - This paper presents an approach to specify and check discretionary information flow properties of concurrent systems. The approach is inspired by the success of the interaction-oriented paradigm to concurrent systems (cf. choreographies, behavioural types, protocols,...) in providing behavioural guarantees of global properties such as deadlock-absence. We show how some information flow properties are easier to formalise and check on a global interaction-oriented description of a concurrent system rather than on a local process-oriented description of the components of the system. We use a simple choreography description language adapted from the literature of choreographies and session types. We provide a generic method to instrument the semantics with information flow annotations. Policies are used to specify the admissible flows of information. The main contribution of the paper is a sound type system for statically checking if a system specification ensures an information flow policy. The approach is illustrated with two archetypal examples of distributed and parallel computing systems: a protocol for an identity-secured data providing service and a parallel MapReduce computation.

AB - This paper presents an approach to specify and check discretionary information flow properties of concurrent systems. The approach is inspired by the success of the interaction-oriented paradigm to concurrent systems (cf. choreographies, behavioural types, protocols,...) in providing behavioural guarantees of global properties such as deadlock-absence. We show how some information flow properties are easier to formalise and check on a global interaction-oriented description of a concurrent system rather than on a local process-oriented description of the components of the system. We use a simple choreography description language adapted from the literature of choreographies and session types. We provide a generic method to instrument the semantics with information flow annotations. Policies are used to specify the admissible flows of information. The main contribution of the paper is a sound type system for statically checking if a system specification ensures an information flow policy. The approach is illustrated with two archetypal examples of distributed and parallel computing systems: a protocol for an identity-secured data providing service and a parallel MapReduce computation.

KW - Information flow control

KW - Discretionary access control

KW - Choreographies

KW - Communication protocols

KW - Interaction-oriented computing

KW - Parallel computing

KW - Service-oriented computing

KW - Highperformance computing

U2 - 10.1007/978-3-319-23165-5_20

DO - 10.1007/978-3-319-23165-5_20

M3 - Book chapter

SN - 978-3-319-23164-8

T3 - Lecture Notes in Computer Science

SP - 427

EP - 450

BT - Logic, Rewriting, and Concurrency

PB - Springer

ER -

Access to Document

10.1007/978-3-319-23165-5_20

Discretionary Information Flow Control for Interaction Oriented SpecificationsAccepted author manuscript, 528 KB