Preserving Secrecy under Refinement

Rajeev Alur, Pavol Černý, and Steve Zdancewic
University of Pennsylvania
Abstract. We propose a general framework of secrecy and preservation of secrecy for labeled transition systems. Our definition of secrecy is parameterized by the distinguishing power of the observer, the properties to be kept secret, and the executions of interest, and captures a multitude of definitions in the literature. We define a notion of secrecy preserving refinement between systems by strengthening the classical trace-based refinement so that the implementation leaks a secret only when the specification also leaks it. We show that secrecy is in general not definable in µ-calculus, and thus not expressible in specification logics supported by standard model-checkers. However, we develop a simulation-based proof technique for establishing secrecy preserving refinement. This result shows how existing refinement checkers can be used to show correctness of an implementation with respect to a specification.
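The abstract makes one point that is easy to miss: classical trace refinement (every implementation trace is also a specification trace) does not by itself preserve secrecy, because an implementation may resolve the specification's nondeterminism in a way that correlates a visible event with the secret. The following Python is an added illustration written for this page, not code from the paper, and it uses one simple formalization consistent with the abstract's informal description rather than the paper's exact definitions. It assumes: an LTS is a finite set of labeled edges with initial state 0; the executions of interest are all finite traces up to a step bound; the observer's distinguishing power is the projection of a trace onto a set of visible labels; a secret is a predicate on traces; and the observer "learns" the secret from an observation if every execution producing that observation agrees on the predicate. The systems `SPEC`, `IMPL_BAD` and `IMPL_GOOD` are constructed examples.

```python
"""
Trace-based secrecy and secrecy-preserving refinement for small labeled
transition systems. Illustrative formalization of the abstract's ideas,
not the paper's definitions (assumptions are listed in the lead-in).
"""
from typing import Callable, Dict, Set, Tuple

Trace = Tuple[str, ...]
Edge = Tuple[int, str, int]          # (source state, label, destination state)
LTS = Set[Edge]                      # initial state is always 0 (assumption)


def traces(lts: LTS, bound: int) -> Set[Trace]:
    """Executions of interest: label sequences of all paths from state 0
    with at most `bound` steps (prefix-closed, finite)."""
    result: Set[Trace] = {()}
    frontier = {(0, ())}
    for _ in range(bound):
        nxt = set()
        for state, tr in frontier:
            for (src, label, dst) in lts:
                if src == state:
                    nxt.add((dst, tr + (label,)))
        frontier = nxt
        result |= {tr for _, tr in frontier}
    return result


def observation(trace: Trace, visible: Set[str]) -> Trace:
    """Observer's distinguishing power: it sees only the visible labels."""
    return tuple(a for a in trace if a in visible)


def leaks(lts: LTS, bound: int, visible: Set[str],
          secret: Callable[[Trace], bool]) -> Set[Trace]:
    """Observations from which the observer can decide the secret, i.e. all
    executions with that observation agree on `secret` (assumed notion)."""
    verdicts: Dict[Trace, Set[bool]] = {}
    for tr in traces(lts, bound):
        verdicts.setdefault(observation(tr, visible), set()).add(secret(tr))
    return {obs for obs, vs in verdicts.items() if len(vs) == 1}


def is_secret(lts: LTS, bound: int, visible: Set[str],
              secret: Callable[[Trace], bool]) -> bool:
    return not leaks(lts, bound, visible, secret)


def refines(impl: LTS, spec: LTS, bound: int) -> bool:
    """Classical trace refinement: every implementation trace is a spec trace."""
    return traces(impl, bound) <= traces(spec, bound)


def secrecy_preserving_refinement(impl: LTS, spec: LTS, bound: int,
                                  visible: Set[str],
                                  secret: Callable[[Trace], bool]) -> bool:
    """Trace refinement strengthened so the implementation leaks a secret
    only at observations where the specification leaks it too."""
    return (refines(impl, spec, bound)
            and leaks(impl, bound, visible, secret)
            <= leaks(spec, bound, visible, secret))


# Constructed example. 'h' and 'l' are hidden inputs, 'a' and 'b' visible
# outputs; the secret is whether the hidden input was 'h'.
VISIBLE = {"a", "b"}
BOUND = 3


def has_h(trace: Trace) -> bool:
    return "h" in trace


# Specification: after either hidden input, nondeterministically output a or b.
SPEC: LTS = {(0, "h", 1), (0, "l", 1), (1, "a", 2), (1, "b", 2)}
# Implementation that resolves the nondeterminism by the secret: trace-refines
# SPEC, but observing 'a' now reveals that 'h' happened.
IMPL_BAD: LTS = {(0, "h", 1), (1, "a", 2), (0, "l", 3), (3, "b", 4)}
# Implementation that always outputs 'a': refines SPEC and preserves secrecy.
IMPL_GOOD: LTS = {(0, "h", 1), (0, "l", 1), (1, "a", 2)}

if __name__ == "__main__":
    for name, impl in (("IMPL_BAD", IMPL_BAD), ("IMPL_GOOD", IMPL_GOOD)):
        print(name, "trace-refines SPEC:", refines(impl, SPEC, BOUND),
              "| leaks:", leaks(impl, BOUND, VISIBLE, has_h),
              "| secrecy-preserving:",
              secrecy_preserving_refinement(impl, SPEC, BOUND, VISIBLE, has_h))
```

`IMPL_BAD` passes the classical refinement check a standard refinement checker performs, yet it leaks at the observations `('a',)` and `('b',)` where `SPEC` leaks nothing; only the strengthened check rejects it.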
1 Introduction
Security and confidentiality are growing concerns in software and system development [14]. The question of how to ascertain that an attacker cannot easily get information about classified data is central in this domain. We investigate the


Source: Alur, Rajeev - Department of Computer and Information Science, University of Pennsylvania
Zdancewic, Steve - Department of Computer and Information Science, University of Pennsylvania


Collections: Computer Technologies and Information Sciences