Modeling and Checking the Security of DIFC System Configurations

Chapter in: Automated Security Management

Abstract

Decentralized information flow control (DIFC) systems provide strong protection for data secrecy and integrity. However, the complicated configuration of information flow between system objects increases the chance of misconfiguration, making the system vulnerable to attackers. In this paper we first present a systematic analysis of misconfigurations and their security threats for DIFC systems. Then we define the security analysis problem for DIFC configurations based on a formal state-transition model, which allows model checkers to prove a configuration is secure or detect misconfigurations that violate the desired security goal. The experiment shows that bounded model checking techniques plus a novel preprocessing algorithm are effective in solving this problem.
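The abstract describes treating a DIFC configuration as a state-transition system and letting a bounded model checker either prove a secrecy goal or return a violating run. The following is an added example written for this page, not the chapter's own model, checker or preprocessing algorithm. It assumes a simplified, Flume-style secrecy-only label system (labels are sets of tags; a process may add tag t if it owns the capability (t, '+') and remove t if it owns (t, '-'); data flows from a to b only if label(a) is a subset of label(b); capabilities can be delegated only along explicitly configured grant edges). The three configurations, the file and process names, and the "net" sink are all constructed for the illustration.

```python
"""Bounded search for secrecy violations in a toy DIFC configuration.

Added example for this page; not the chapter's model or checker. A state is
(process labels, process capabilities, taint), where taint records which
process has observed which file. A breadth-first search over the enabled
transitions, cut off at a depth bound, either returns the shortest run in
which an untrusted sink observes the secret file or reports none in bound.
"""
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Config:
    files: dict                      # file name -> set of tags (fixed)
    procs: dict                      # process name -> initial set of tags
    caps: dict                       # process name -> set of (tag, '+'|'-')
    grants: frozenset = frozenset()  # allowed (giver, receiver) delegation edges


def _initial(cfg):
    labels = {p: frozenset(l) for p, l in cfg.procs.items()}
    caps = {p: frozenset(cfg.caps.get(p, ())) for p in cfg.procs}
    return (labels, caps, frozenset())  # taint starts empty


def _with(d, k, v):
    d2 = dict(d)
    d2[k] = v
    return d2


def _key(state):
    labels, caps, taint = state
    return (frozenset(labels.items()), frozenset(caps.items()), taint)


def successors(cfg, state):
    """Yield (step description, next state) for every enabled transition."""
    labels, caps, taint = state
    for p in cfg.procs:
        # 1. relabel using an owned capability (assumed Flume-style rule)
        for tag, sign in caps[p]:
            if sign == "+" and tag not in labels[p]:
                yield f"{p} adds {tag}", (_with(labels, p, labels[p] | {tag}), caps, taint)
            if sign == "-" and tag in labels[p]:
                yield f"{p} drops {tag}", (_with(labels, p, labels[p] - {tag}), caps, taint)
        # 2. read a file whose label is dominated by the process label
        for f, fl in cfg.files.items():
            if frozenset(fl) <= labels[p] and (p, f) not in taint:
                yield f"{p} reads {f}", (labels, caps, taint | {(p, f)})
        for q in cfg.procs:
            if q == p:
                continue
            # 3. send everything p has observed to q, allowed iff label(p) <= label(q)
            if labels[p] <= labels[q]:
                carried = {(q, f) for (r, f) in taint if r == p} - taint
                if carried:
                    yield f"{p} sends to {q}", (labels, caps, taint | carried)
            # 4. delegate a capability along a configured grant edge
            if (p, q) in cfg.grants:
                for cap in caps[p] - caps[q]:
                    yield (f"{p} grants {cap[0]}{cap[1]} to {q}",
                           (labels, _with(caps, q, caps[q] | {cap}), taint))


def find_leak(cfg, secret_file, sink, bound):
    """BFS up to `bound` transitions; return the shortest trace after which
    `sink` has observed `secret_file`, or None if none exists within bound."""
    init = _initial(cfg)
    queue = deque([(init, [])])
    seen = {_key(init)}
    while queue:
        state, trace = queue.popleft()
        if (sink, secret_file) in state[2]:
            return trace
        if len(trace) >= bound:
            continue
        for step, nxt in successors(cfg, state):
            k = _key(nxt)
            if k not in seen:
                seen.add(k)
                queue.append((nxt, trace + [step]))
    return None


# Constructed sample configurations (mine, not the chapter's): one file tagged
# "s", an editor that must read it, and an untrusted process "net" standing in
# for the network. Owning ("s", "-") is the power to declassify "s".
SECRET = "secret.txt"

# Misconfiguration: the editor owns s+ and s-, so it can read, strip the tag, forward.
MISCONFIGURED = Config(
    files={SECRET: {"s"}},
    procs={"editor": set(), "net": set()},
    caps={"editor": {("s", "+"), ("s", "-")}},
)
# Subtler misconfiguration: s- sits in another process, but a grant edge lets
# that process hand s- to the editor, which then leaks in five steps.
DELEGATION = Config(
    files={SECRET: {"s"}},
    procs={"editor": set(), "declass": set(), "net": set()},
    caps={"editor": {("s", "+")}, "declass": {("s", "-")}},
    grants=frozenset({("declass", "editor")}),
)
# Hardened: nobody owns s-; a logger labelled {s} may still receive the data.
HARDENED = Config(
    files={SECRET: {"s"}},
    procs={"editor": set(), "logger": {"s"}, "net": set()},
    caps={"editor": {("s", "+")}},
)

if __name__ == "__main__":
    for name, cfg in [("misconfigured", MISCONFIGURED), ("delegation", DELEGATION),
                      ("hardened", HARDENED)]:
        print(name, "->", find_leak(cfg, SECRET, "net", bound=8))
```

Two caveats worth keeping in mind when reading the output. First, the search is bounded: with `bound=4` the delegation configuration reports no leak, because the shortest violating run (grant, add, read, drop, send) has five steps; the bound is a coverage limit, not a proof of safety, unless the state space is exhausted before the bound is hit. Second, this toy model treats every use of a `-` capability as a potential leak; a real DIFC deployment has trusted declassifiers, and any checker has to encode which declassification steps are sanctioned, otherwise the goal is either unprovable or trivially violated.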

Acknowledgements

This work was supported by AFOSR FA9550-07-1-0527 (MURI), ARO W911NF-09-1-0525 (MURI), NSF CNS-0905131, NSF CNS-1223710, ARO W911NF1210055, and U.S. ARL and U.K. MoD W911NF-06-3-0001. The authors would like to thank Yue Zhang, Jun Wang, William Robert Grace and Eunsuk Kang for their valuable feedback. The authors would also like to thank all the anonymous reviewers for their detailed comments and suggestions.

Author information

Corresponding author: Mingyi Zhao

Copyright information

© 2013 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Zhao, M., Liu, P. (2013). Modeling and Checking the Security of DIFC System Configurations. In: Al-Shaer, E., Ou, X., Xie, G. (eds) Automated Security Management. Springer, Cham. https://doi.org/10.1007/978-3-319-01433-3_2

  • DOI: https://doi.org/10.1007/978-3-319-01433-3_2
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-01432-6
  • Online ISBN: 978-3-319-01433-3