Title :
Action systems for security specification
Author_Institution :
Dept. of Comput., Open Univ., Milton Keynes, UK
Abstract :
To be generally useful a theory must be both intellectually sound and practically applicable. We consider the noninterference approach to security specification, focusing in particular on Roscoe´s work on nondeterminism. This provides a starting point for reflecting on what features are desirable in a development method for secure systems. In an attempt to meet at least some of these requirements we use action systems which combine both event and state-based specification approaches. Using Butler´s correspondence between action systems and CSP we define determinism and security properties directly in action systems. We give examples of the action system approach and discuss its advantages and disadvantages
Keywords :
formal specification; security of data; CSP; Roscoe´s work; action systems; development method; nondeterminism; noninterference approach; secure systems; security specification; state-based specification; Filters; Government; Guidelines; Information analysis; Information security; Interference; Specification languages;
Conference_Titel :
Computer Security Foundations Workshop, 1996. Proceedings., 9th IEEE
Conference_Location :
Kenmare
Print_ISBN :
0-8186-7522-5
DOI :
10.1109/CSFW.1996.503695