IIT Home Page CNR Home Page

Action Refinement for Security Properties Enforcement

In this paper we propose an application of the action refinement theory for enforcing security policies at different levels of abstraction by using process algebra controller operators. Let us consider a system that cooperates with a possible untrusted component managed by a programmable controller operator in such a way that the considered composed system is secure, i.e., the composed system works as expected. Firstly, the considered system is specified at a high level of abstraction. Successively, we refine it by applying a refinement function in such a way that we pass through different abstraction levels. Here we investigate on the set of features a refinement function needs to have for guaranteeing that a considered system, which is secure at high level, once refined is still secure regardless the behaviour of the implementation of the untrusted component.


Autori IIT:

Tipo: TR Rapporti tecnici
Area di disciplina: Information Technology and Communication Systems
IIT TR-11/2010