Transfer and enhancement of information-flow control techniques to develop secure systems using the example of workflow systems (MORES2)

传输和增强信息流控制技术，以使用工作流系统示例开发安全系统（更多2）

• 批准号: 183700043
• 负责人: Professor Dr. Dieter Hutter
• 金额: --
• 依托单位: Deutsches Forschungszentrum für Künstliche Intelligenz GmbH (DFKI), Bremen
• 依托单位国家: 德国
• 项目类别: Priority Programmes
• 财政年份: 2010
• 资助国家: 德国
• 起止时间: 2009-12-31 至 2016-12-31
• 项目状态: 已结题
• 来源: https://gepris.dfg.de/gepris/projekt/183700043?language=en
• 关键词: Transfer; enhancement; information; flow; control

The project MORES2 continues the evolution of a framework for developing secure workflow systems started in the predecessor project MORES. MORES was engaged in the modeling and verification of security properties for workflow systems considering the different types of requested security properties (e.g. information-flow control, separation of duty) at a particular level of abstraction, providing various decomposition techniques. Now, MORES2 aims at the development of appropriate refinement techniques for these workflow specifications. In particular, the notion of refinement to be developed has to support the refinement of the various aspects (e.g. activities, data, users) of workflows and also has to be able to translate the security properties considered in MORES to corresponding properties in other refinement levels. Translated security guarantees of higher abstraction levels will serve as initial building blocks for the verification of security properties on lower levels. However, we cannot expect that the notion of refinement will preserve the security guarantees in general because otherwise the arising restrictions would render such a refinement impracticable. Additionally, changing the abstraction level may also result in a refinement of the abilities of an attacker observing the workflow, which causes a change of how the required security guarantees are formulated. In MORES2 we will develop techniques to make use of security guarantees of higher abstraction levels in verifying the corresponding security properties on lower abstraction levels. We will provide a corresponding verification tool support based on existing interactive proof systems.Combining the upcoming results of MORES2 with the decomposition techniques developed in MORES, we will provide an integrated approach supporting security-in-the-large for workflow systems. Applying the decomposition techniques reduces the size of the components to be verified and improves the scalability of the verification tasks in general. The refinement techniques allow one to reuse the security guarantees of higher abstraction levels to verify the security of lower levels resulting in simpler proof tasks. This approach will be evaluated using the reference scenario Security in Web-based Workflow Management Systems of the priority programme by specifying it on various abstraction levels and using it to exemplify the translation of the arising security properties along the refinement hierarchy.

该项目MORES2延续了开发前身项目范围内开发安全工作流程系统的框架的演变。在特定的抽象级别上，Mores参与了工作流程系统的安全性属性（例如，信息流控制，税收分离）的建模和验证，提供了各种分解技术。现在，Mores2旨在为这些工作流程规范开发适当的完善技术。特别是，要开发的完善概念必须支持工作流的各个方面（例如活动，数据，用户）的改进，并且还必须能够将所考虑的安全属性转化为其他改进级别的相应属性。较高抽象级别的翻译安全保证将作为初始构建块，以验证较低级别的安全性属性。但是，我们不能期望精炼的概念一般可以保留安全保证，因为否则出现的限制将使这种精炼变得不切实际。此外，更改抽象水平也可能导致攻击者观察工作流的能力的改进，这导致更改所需的安全保证的制定方式。 在Mores2中，我们将开发技术以利用较高抽象水平的安全保证，以验证较低的抽象水平上相应的安全性属性。我们将基于现有的交互式证明系统提供相应的验证工具支持。将MORES2的即将到来的结果与Mores中开发的分解技术相结合，我们将提供一种集成的方法，为工作流系统提供一般安全性。应用分解技术会减少要验证的组件的大小，并提高验证任务的可扩展性。精炼技术使人们可以重复使用较高抽象级别的安全保证，以验证较低级别的安全性，从而导致更简单的证明任务。将使用在优先级程序的基于Web的工作流程管理系统中的参考方案安全性来评估此方法，通过在各种抽象级别上指定它，并使用它来体现沿改进层次结构的安全性属性的翻译。