Thursday,
September 10, 1998, 3:05 p.m. in PSA Room 104
Sachindev Shetty
Department of Mathematics
Problems in Computer Security
Abstract
For the development of highly secure systems, it is
crucial that all information flows through the system are
understood. In particular, covert channels or unexpected information
flows can be particularly damaging to a secure system which is
attempting to maintain a high level of confidentiality. (For example,
a top secret process should not, under normal circumstances, be able to
send or otherwise signal any information to a secret process.)
Non-interference is a mathematical technique that allows a system
model to be analyzed for these kinds of information flows.
Traditionally, these non-interference techniques and theorems have been
stated in a hierarchical (poset-based) fashion. We consider an
intransitive non-interference security policy for a system that can
be represented as a deterministic state machine. After defining the
system and communication policy, we build an equivalence relation by
analyzing the system's security using a constructive algorithm. We
define a covert channel and make changes to eliminate such channels. We find
that the policy and equivalence relation then satisfy the conditions
of the unwinding theorem, thus ensuring security.
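
As an added illustration (not code from the talk, whose constructive algorithm is not given in this abstract), the following brute-force check tests a small deterministic state machine against the unwinding conditions as they are commonly stated for intransitive policies: output consistency, weak step consistency and local respect. The three domains H, D and L, the policy H ~> D ~> L, the actions and the per-domain equivalence relation are all constructed assumptions.

```python
from itertools import product

# Constructed toy system (an assumption, not from the talk): three domains
# H, D, L; a state is a tuple of bits (h, d, l), one variable per domain.
DOMAINS = ("H", "D", "L")
# Reflexive, intransitive policy: H ~> D and D ~> L, but not H ~> L.
POLICY = {("H", "H"), ("D", "D"), ("L", "L"), ("H", "D"), ("D", "L")}
STATES = list(product((0, 1), repeat=3))

# action name -> (domain of the action, step function, output function)
BASE_ACTIONS = {
    "h_flip": ("H", lambda s: (1 - s[0], s[1], s[2]), lambda s: s[0]),
    "h_send": ("H", lambda s: (s[0], s[0], s[2]), lambda s: s[0]),
    "d_send": ("D", lambda s: (s[0], s[1], s[1]), lambda s: s[1]),
    "l_read": ("L", lambda s: s, lambda s: s[2]),
}
# Same system plus a covert channel: H writes straight into L's variable.
LEAKY_ACTIONS = dict(
    BASE_ACTIONS, h_leak=("H", lambda s: (s[0], s[1], s[0]), lambda s: s[0])
)

def view(u, s):
    """Equivalence relation: s ~u t iff view(u, s) == view(u, t)."""
    return s[DOMAINS.index(u)]

def unwinding_violations(actions):
    """Return the sorted (condition, action, domain) triples that fail."""
    bad = set()
    for name, (dom, step, out) in actions.items():
        for s in STATES:
            # Local respect: if dom(a) may not interfere with u,
            # then a must leave u's view of the state unchanged.
            for u in DOMAINS:
                if (dom, u) not in POLICY and view(u, s) != view(u, step(s)):
                    bad.add(("local_respect", name, u))
            for t in STATES:
                if view(dom, s) != view(dom, t):
                    continue  # remaining conditions assume s ~dom(a) t
                # Output consistency: the acting domain sees equal outputs.
                if out(s) != out(t):
                    bad.add(("output_consistency", name, dom))
                # Weak step consistency: s ~u t is preserved by the step.
                for u in DOMAINS:
                    if view(u, s) == view(u, t) and view(u, step(s)) != view(u, step(t)):
                        bad.add(("weak_step_consistency", name, u))
    return sorted(bad)
```

Removing the `h_leak` action is the "change" that restores the conditions in this toy model; the downgrading path through D remains allowed because the policy is intransitive.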