Title :
A proof of secrecy for a network security model
Author :
MacEwen, Glenn ; Glasgow, Janice
Author_Institution :
Dept. of Comput. & Inf. Sci., Queen´´s Univ., Kingston, Ont., Canada
Abstract :
The network security model originally developed for the SNet secure system is generally applicable to all secure networks. Although it was recognized that allowing message loss in the model permits a covert channel, this operational model was accepted on an intuitive basis as enforcing some concept of secrecy. The paper presents a formal argument that the model, augmented with a no-loss requirement, does indeed satisfy a formal abstract secrecy policy. This secrecy policy, called INF, has previously been defined in terms of security logic. The proof contains two steps. First, the network model augmented with a no-loss requirement (and called NM) is shown to satisfy the non-deducibility (ND) condition. ND satisfies INF, therefore, NM satisfies INF
Keywords :
network operating systems; security of data; INF; NM; SNet secure system; covert channel; formal abstract secrecy policy; message loss; network security model; no-loss requirement; nondeducibility; operational model; proof of secrecy; security logic; Circuits; Communication system security; Computer networks; Information science; Information security; Logic; Neodymium; Protocols; Sociotechnical systems; Switches;
Conference_Titel :
Computer Security Foundations Workshop IV, 1991. Proceedings
Conference_Location :
Franconia, NH
Print_ISBN :
0-8186-2215-6
DOI :
10.1109/CSFW.1991.151583
