• DocumentCode
    2350857
  • Title

    The Complexity of Intransitive Noninterference

  • Author

    Eggert, Sebastian ; Van der Meyden, Ron ; Schnoor, Henning ; Wilke, Thomas

  • Author_Institution
    Inst. fur Inf., Kiel Univ., Kiel, Germany
  • fYear
    2011
  • fDate
    22-25 May 2011
  • Firstpage
    196
  • Lastpage
    211
  • Abstract
    The paper considers several definitions of information flow security for intransitive policies from the point of view of the complexity of verifying whether a finite-state system is secure. The results are as follows. Checking (i) P-security (Goguen and Meseguer), (ii) IP-security (Haigh and Young), and (iii) TA-security (van der Meyden) are all in PTIME, while checking TO-security (van der Meyden) is undecidable. The most important ingredients in the proofs of the PTIME upper bounds are new characterizations of the respective security notions, which also enable the algorithms to return simple counterexamples demonstrating insecurity. Our results for IP-security improve a previous doubly exponential bound of Hadj-Alouane et al.
  • Keywords
    computational complexity; finite state machines; security of data; IP-security; P-security; PTIME; TA-security; TO-security; finite-state system; information flow security; intransitive noninterference; Access control; Complexity theory; Cryptography; Resource management; Semantics; System analysis and design; information flow; noninterference; verification;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy (SP), 2011 IEEE Symposium on
  • Conference_Location
    Berkeley, CA
  • ISSN
    1081-6011
  • Print_ISBN
    978-1-4577-0147-4
  • Electronic_ISBN
    1081-6011
  • Type

    conf

  • DOI
    10.1109/SP.2011.30
  • Filename
    5958030
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2350857