
Journal of Shandong University (Natural Science) ›› 2020, Vol. 55 ›› Issue (3): 35-42. doi: 10.6040/j.issn.1671-9352.2.2019.124


Component system security based on non-interference

XU Ming-di1, JIN Zhao-yang1, CUI Feng1, ZHANG Fan2*

  1. Wuhan Digital and Engineering Institute, Wuhan 430205, Hubei, China;
  2. School of Mathematics and Computer Science, Wuhan Polytechnic University, Wuhan 430023, Hubei, China
  • Published: 2020-03-27
  • About the authors: XU Ming-di (b. 1980), male, Ph.D., research fellow; research interest: information security. E-mail: mingdixu@163.com. *Corresponding author: ZHANG Fan (b. 1977), male, Ph.D., associate professor; research interest: network security. E-mail: whpuzf@whpu.edu.cn
  • Supported by:
    National Natural Science Foundation of China (61502438)

Abstract: This paper studies the information-flow non-interference problem for multi-level security in component systems. Building on the existing interface structure, the security process algebra (SPA) is used to describe the syntax and semantics of the dynamic behavior of component systems, from which an interface automata computational model is constructed. Bisimulation-based non-interference properties are analyzed to construct SIA_NI, an interface-security non-interference property suited to component systems, and the system is proved to still satisfy this security property under complex operations such as adding, deleting and composition operators. Finally, an example analyzes the concrete application of this non-interference property in a component-based system, and the CoPS tool is used to automatically check the security of a multi-level security component system, verifying the correctness of the interface-security non-interference property.

Key words: information flow security, non-interference, interface security

CLC number:

  • TP391