A proof of secrecy for a network security model

Author

MacEwen, Glenn ; Glasgow, Janice

Author_Institution

Dept. of Comput. & Inf. Sci., Queen´´s Univ., Kingston, Ont., Canada

fYear

1991

fDate

18-20 Jun 1991

Firstpage

176

Lastpage

181

Abstract

The network security model originally developed for the SNet secure system is generally applicable to all secure networks. Although it was recognized that allowing message loss in the model permits a covert channel, this operational model was accepted on an intuitive basis as enforcing some concept of secrecy. The paper presents a formal argument that the model, augmented with a no-loss requirement, does indeed satisfy a formal abstract secrecy policy. This secrecy policy, called INF, has previously been defined in terms of security logic. The proof contains two steps. First, the network model augmented with a no-loss requirement (and called NM) is shown to satisfy the non-deducibility (ND) condition. ND satisfies INF, therefore, NM satisfies INF

Keywords

network operating systems; security of data; INF; NM; SNet secure system; covert channel; formal abstract secrecy policy; message loss; network security model; no-loss requirement; nondeducibility; operational model; proof of secrecy; security logic; Circuits; Communication system security; Computer networks; Information science; Information security; Logic; Neodymium; Protocols; Sociotechnical systems; Switches;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Foundations Workshop IV, 1991. Proceedings

Conference_Location

Franconia, NH

Print_ISBN

0-8186-2215-6

Type

conf

DOI

10.1109/CSFW.1991.151583

Filename

151583