Noninterference is an important information flow model that is widely applied in building secure information systems. Although the noninterference model itself has been thoroughly investigated, verifying the noninterference property in an efficient and automated manner remains an open problem. In this study, we explore the noninterference verification problem from the perspective of the state-equivalence relations between two automata running synchronously. Our results are as follows. (1) To the best of our knowledge, we are the first to propose a recursive form of the necessary and sufficient condition of noninterference. We also for the first time disclose the fact that Rushby's definition of noninterference model can also be formalized as a bi-simulation (over two automata) (2) We present an automated noninterference verification algorithm. The algorithm can finish the verification within O(|S|~2 * |D|), where |D| is the number of security domains and |S| is the number of states. The time-complexity of our algorithm is the best among other existing studies.
展开▼
机译:非干扰是一个重要的信息流模型,广泛应用于建立安全信息系统。虽然非干扰模型本身已经彻底调查,但以有效和自动化方式验证非干扰性质仍然是一个公开问题。在这项研究中,我们从两个自动数据之间运行同步运行的状态等效关系的角度来探讨非干扰验证问题。我们的结果如下。 (1)据我们所知,我们是第一个提出递归形式的必要和足据的不干涉条件。我们也首次披露了Ruplby对非干扰模型的定义也可以正式地被形式化为双模拟(超过两个自动机)(2)我们呈现自动非干扰验证算法。该算法可以在O(| S |〜2 * | D |内验证,其中D |是安全域的数量和| s |是州的数量。我们算法的时间复杂性是其他现有研究中的最佳状态。
展开▼
