Refinement is a relation on system models: a concrete model is a refinement of a more abstract model if it has fewer behaviors. When properties of the abstract model are guaranteed to be preserved in the concrete model, refinement supports a top-down development process. This paper considers preservation of a range of information flow security properties in synchronous systems with schedulers, when these schedulers are refined. Notions of refinement are defined for both an abstract notion of scheduler as well as for their concrete representation as automata. The security properties that are preserved by refinement over schedulers are then characterized. The results are applied to characterize a number of scheduler independent security prope...
Refinement-closed security properties allow the verification of systems for all possible implementa...
Refinement-closed security properties allow the verification of systems for all possible implementat...
In a stepwise development process, it is essential thatsystem properties that have been already ...
The systematic development of complex systems usually relies on a stepwise refinement procedure from...
The focus of work on information flow security has primarily been on definitions of security in asyn...
Abstract The controlled declassification of secrets has received much attention in research on infor...
Information flow security concerns how to protect sensitive data in computer systems by avoiding und...
The controlled declassification of secrets has received much attention in research on information-fl...
“Classical” proofs of secure systems are based on reducing the hardness of one problem (defined by t...
We address the problem of maintaining information flow security un-der refinement and transformation...
Abstract. We address the problem of maintaining information flow security un-der refinement and tran...
-We address the problem of maintaining information flow security under refinement and transformation...
Abstract. In the design process of distributed systems we may have to replace abstract specification...
In the design process of distributed systems we may have to replace abstract specifications of compo...
AbstractRefinement-closed security properties allow the verification of systems for all possible imp...
Refinement-closed security properties allow the verification of systems for all possible implementa...
Refinement-closed security properties allow the verification of systems for all possible implementat...
In a stepwise development process, it is essential thatsystem properties that have been already ...
The systematic development of complex systems usually relies on a stepwise refinement procedure from...
The focus of work on information flow security has primarily been on definitions of security in asyn...
Abstract The controlled declassification of secrets has received much attention in research on infor...
Information flow security concerns how to protect sensitive data in computer systems by avoiding und...
The controlled declassification of secrets has received much attention in research on information-fl...
“Classical” proofs of secure systems are based on reducing the hardness of one problem (defined by t...
We address the problem of maintaining information flow security un-der refinement and transformation...
Abstract. We address the problem of maintaining information flow security un-der refinement and tran...
-We address the problem of maintaining information flow security under refinement and transformation...
Abstract. In the design process of distributed systems we may have to replace abstract specification...
In the design process of distributed systems we may have to replace abstract specifications of compo...
AbstractRefinement-closed security properties allow the verification of systems for all possible imp...
Refinement-closed security properties allow the verification of systems for all possible implementa...
Refinement-closed security properties allow the verification of systems for all possible implementat...
In a stepwise development process, it is essential thatsystem properties that have been already ...