• DocumentCode
    3295828
  • Title

    Specifying information-flow controls

  • Author

    Chivers, Howard ; Jacob, Jeremy

  • Author_Institution
    Dept. of Comput. Sci., York Univ., UK
  • fYear
    2005
  • fDate
    6-10 June 2005
  • Firstpage
    114
  • Lastpage
    120
  • Abstract
    The core problem in risk analysis - determining exploitable paths between attackers and system assets - is essentially a problem of determining information flow. It is relatively straightforward to interpret design models for service-based distributed systems in information-flow terms, but the analysis results must be integrated into the system engineering process, and any resulting security controls must be meaningful to system practitioners as well as security analysts. The work reported addresses these practical problems; it shows that information flow analysis can be integrated into the requirements traceability process, ensuring that security controls are specific about the properties they require. Communication between information-analyst and system practitioner is also addressed by tuning the analysis to reflect the exploitability of threat paths, and by defining security controls as patterns of information-flow constraints, rather than single predicates.
  • Keywords
    distributed processing; formal specification; formal verification; risk analysis; security of data; systems engineering; information-flow controls; requirements traceability process; security controls; security risk analysis; service-based distributed systems; system engineering process; Communication system control; Communication system security; Computer science; Control systems; Design engineering; Information analysis; Information security; Jacobian matrices; Pattern analysis; Risk analysis;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Distributed Computing Systems Workshops, 2005. 25th IEEE International Conference on
  • Print_ISBN
    0-7695-2328-5
  • Type

    conf

  • DOI
    10.1109/ICDCSW.2005.126
  • Filename
    1437165