Transfer and enhancement of information-flow control techniques to develop secure systems using the example of workflow systems (MORES2)

传输和增强信息流控制技术，以使用工作流系统示例开发安全系统（更多2）

• 批准号: 183700043
• 负责人: Professor Dr. Dieter Hutter
• 金额: --
• 依托单位: Deutsches Forschungszentrum für Künstliche Intelligenz GmbH (DFKI), Bremen
• 依托单位国家: 德国
• 项目类别: Priority Programmes
• 财政年份: 2010
• 资助国家: 德国
• 起止时间: 2009-12-31 至 2016-12-31
• 项目状态: 已结题
• 来源: https://gepris.dfg.de/gepris/projekt/183700043?language=en
• 关键词: Transfer; enhancement; information; flow; control

The project MORES2 continues the evolution of a framework for developing secure workflow systems started in the predecessor project MORES. MORES was engaged in the modeling and verification of security properties for workflow systems considering the different types of requested security properties (e.g. information-flow control, separation of duty) at a particular level of abstraction, providing various decomposition techniques. Now, MORES2 aims at the development of appropriate refinement techniques for these workflow specifications. In particular, the notion of refinement to be developed has to support the refinement of the various aspects (e.g. activities, data, users) of workflows and also has to be able to translate the security properties considered in MORES to corresponding properties in other refinement levels. Translated security guarantees of higher abstraction levels will serve as initial building blocks for the verification of security properties on lower levels. However, we cannot expect that the notion of refinement will preserve the security guarantees in general because otherwise the arising restrictions would render such a refinement impracticable. Additionally, changing the abstraction level may also result in a refinement of the abilities of an attacker observing the workflow, which causes a change of how the required security guarantees are formulated. In MORES2 we will develop techniques to make use of security guarantees of higher abstraction levels in verifying the corresponding security properties on lower abstraction levels. We will provide a corresponding verification tool support based on existing interactive proof systems.Combining the upcoming results of MORES2 with the decomposition techniques developed in MORES, we will provide an integrated approach supporting security-in-the-large for workflow systems. Applying the decomposition techniques reduces the size of the components to be verified and improves the scalability of the verification tasks in general. The refinement techniques allow one to reuse the security guarantees of higher abstraction levels to verify the security of lower levels resulting in simpler proof tasks. This approach will be evaluated using the reference scenario Security in Web-based Workflow Management Systems of the priority programme by specifying it on various abstraction levels and using it to exemplify the translation of the arising security properties along the refinement hierarchy.

MORES2 项目继续发展前身项目 MORES 中启动的用于开发安全工作流程系统的框架。 MORES 致力于工作流系统安全属性的建模和验证，考虑特定抽象级别上不同类型的请求安全属性（例如信息流控制、职责分离），提供各种分解技术。现在，MORES2 的目标是为这些工作流程规范开发适当的细化技术。特别是，要开发的细化概念必须支持工作流各个方面（例如活动、数据、用户）的细化，并且还必须能够将 MORES 中考虑的安全属性转换为其他细化级别中的相应属性。较高抽象级别的翻译安全保证将作为较低级别安全属性验证的初始构建块。然而，我们不能指望细化的概念将保留一般的安全保证，因为否则产生的限制将使这种细化变得不切实际。此外，更改抽象级别还可能导致攻击者观察工作流的能力得到改进，从而导致所需安全保证的制定方式发生变化。 在 MORES2 中，我们将开发技术，利用较高抽象级别的安全保证来验证较低抽象级别上相应的安全属性。我们将基于现有的交互式证明系统提供相应的验证工具支持。将MORES2即将发布的结果与MORES中开发的分解技术相结合，我们将为工作流系统提供支持大规模安全的集成方法。应用分解技术可以减少要验证的组件的大小，并总体上提高验证任务的可扩展性。细化技术允许人们重用较高抽象级别的安全保证来验证较低级别的安全性，从而导致更简单的证明任务。该方法将使用优先程序的基于 Web 的工作流管理系统中的参考场景安全性进行评估，方法是在各种抽象级别上指定它，并使用它来举例说明沿细化层次结构产生的安全属性的转换。