
1 Elements of Security
Presented by: Raquel Whittlesey-Harris, 12/04/02

2 Contents
Introduction
Definitions
Security Against an Adversary
Example
Theorems
References
12/29/2018

3 Introduction
Stabilization theory was introduced by Edsger Dijkstra in 1974.
Two building blocks of stabilization theory were introduced in 1991 by Anish Arora and Mohamed Gouda: closure and convergence.
These two elements can adequately explain fault-tolerant computing.

4 Introduction
The third element, protection, is introduced here.
Together the three adequately explain system security.

5 Definitions
A computing system consists of:
a nonempty set of variables with values from predefined domains, and
a nonempty set of actions that can be executed to update the values of the variables.
Each action has the form <guard> → <statement>, where
<guard> is a Boolean expression over the system variables, and
<statement> is a sequence of assignment statements over the system variables.

6 Definitions
Transition of system S: a triple (p,c,p') where
p (tail state) and p' (head state) are states of S, and
c is an action of S whose guard is true at state p.
Computation of system S: an infinite sequence of transitions of S where the following hold,
Order: the head state of each transition is the same as the tail state of the next transition in the sequence.

7 Definitions
Fairness: if the sequence has a transition where an action c of system S is enabled at p, then c is executed in that transition, or the sequence has a later transition where c is executed or where c is not enabled.
The starting state of the computation is the tail state, p, of the first transition in the computation.
A computation is said to reach state p if some transition in it has p as its tail or head state.

8 Definitions
State predicate of system S: a function that has a Boolean value at each state of S.
Let P be a state predicate of system S:
a state is called a P-state iff the value of P is true at that state;
P is closed in S iff for each transition (p,c,p') of S, if p is a P-state, then p' is a P-state.
Let P and Q be two state predicates of system S:
P implies Q, written P ⇒ Q, iff for every state p of S, if p is a P-state, then p is a Q-state.

9 Definitions
Let V be a subset of the variables of a system S, and let P and Q be state predicates of S. S is called V-safe from P to Q iff the following conditions hold:
Closure: P and Q are closed in S, and Q ⇒ P in S.
Convergence: every computation of S that starts at a P-state reaches a Q-state; that is, every computation that starts at an illegitimate state eventually reaches a legitimate state.

10 Definitions
Protection: no variable in V is written in any transition (p,c,p') of S where p is a P-state but not a Q-state; that is, no transition of S that starts at an illegitimate state can affect the critical variables in V.
P identifies all reachable states of S: those that can be reached under any interleaving of system execution and adversary interference.
Q identifies all legitimate states of S: those that can be reached under system execution only.

11 Security Against an Adversary
An adversary D of system S is a set of actions of the form <guard> → <statement>.
A transition of D is a triple (p,d,p') where
p and p' are states of S,
d is an action of D whose guard is true at p, and

12 Security Against an Adversary
executing d when S is in state p yields S in state p'.
Let P be a state predicate of S and D an adversary of S:
P is closed in D iff for each transition (p,d,p') of D, if p is a P-state, then p' is a P-state.

13 Security Against an Adversary
Let V be a subset of the variables of S, and let P and Q be state predicates of S. System S is called V-secure from P to Q against D iff the following hold:
Safety: S is V-safe from P to Q.
Adversary closure: P is closed in D.
Informally, the adversary will maintain the system within the reachable states, and the adversary cannot corrupt the critical variables in V.

14 Security Against an Adversary
Adversary protection: no variable in V is written in any transition (p,d,p') of D where p is a P-state.
If S is V-secure from P to Q against D, then every computation C that starts at a Q-state and consists of an infinite number of S transitions and a finite number of D transitions satisfies the following:
computation C has an infinite suffix whose transitions are all S transitions and whose states are all Q-states, and

15 Security Against an Adversary
every transition in C that updates the variables in V is an S transition whose tail and head states are Q-states.

16 Example: Secure Data Transfer System S
A sender process sends a continuous stream of data items to a receiver process via three shared variables that are written by the sender and read by the receiver:
shared var seq, data, chk : integer
seq contains the sequence number of the current data item,
data contains the current data item, and

17 Example
chk contains an integrity check for the current values of seq and data: chk = H.(ss|seq|data), a secure hash function applied to the concatenation of a secret value ss and the current values of seq and data; ss is known only to the sender and the receiver.
The sender has the following variables:
local var sent : array [integer] of integer, x : integer
sent is an infinite array containing all of the data items to be sent by the sender, and
x is an index of sent.

18 Example
The sender contains one action:
true → seq := x; data := sent[seq]; chk := H.(ss|seq|data); x := x+1
The receiver contains the following local variables:
local var rcvd : array [integer] of integer, y, z : integer
rcvd is an infinite array containing all data items received by the receiver,
z is an index of array rcvd, and
y contains the sequence number of the last data item received by the receiver.

19 Example
The receiver has one action:
true → if seq > y ∧ H.(ss|seq|data) = chk → y, rcvd[z], z := seq, data, z+1
        [] seq ≤ y ∨ H.(ss|seq|data) ≠ chk → skip
        fi
The set V of critical variables is V = {rcvd, z}.

20 Example
P and Q are state predicates:
P defines the set of reachable states, and
Q defines the set of legitimate states.

21 Example
That S is V-safe from P to Q can be shown by showing that the three conditions hold:
Closure: P and Q are closed in S, and Q ⇒ P in S.
Convergence: the sender action is continuously enabled, and any execution of this action starting from a P-state leads S to a Q-state.

22 Example
Protection: neither variable in V is updated in any S transition that starts at a (P ∧ ¬Q)-state.
Adversary D has one action:
Q → seq := any value in the range 0..x-1; data := sent[seq]; chk := H.(ss|seq|data); x := x+1
D attacks S only when S is at a Q-state, by replaying old messages.
Adversary closure and adversary protection hold, so S is V-secure from P to Q against D.

23 Theorems
Base Theorem: if P is closed in S, then S is V-secure from P to P against E.
Union Theorem: if S is V-secure from P to Q against D and S is V'-secure from P to Q against D, then S is (V ∪ V')-secure from P to Q against D.

24 Theorems
Adversary Union Theorem: if S is V-secure from P to Q against D and S is V-secure from P to Q against D', then S is V-secure from P to Q against (D ∪ D').
Junctivity Theorem: if S is V-secure from Q to P against D and S is V-secure from Q' to P' against D, then S is V-secure from (Q ∧ Q') to (P ∧ P') against D, and S is V-secure from (Q ∨ Q') to (P ∨ P') against D.

25 Theorems
Transitivity Theorem: if S is V-secure from P to Q against D and S is V-secure from Q to R against D, then S is V-secure from P to R against D.

26 Theorems
Weakening Theorem: if S is V-secure from P to Q against D,
V' is a subset of V,
P' is closed and P' ⇒ P in S,
Q' is closed and Q ⇒ Q' and Q' ⇒ P' in S, and
D' is a subset of D and P' is closed in D',
then S is V'-secure from P' to Q' against D'.

27 Theorems
Proof of the weakening theorem. From the antecedent of the weakening theorem, the following five assertions hold:
(1) S is V-secure from P to Q against D
(2) V' is a subset of V
(3) P' is closed and P' ⇒ P in S
(4) Q' is closed and Q ⇒ Q' and Q' ⇒ P' in S
(5) D' is a subset of D and P' is closed in D'
From (1), the following five assertions hold:
(6) S, P, and Q satisfy the closure condition
(7) S, P, and Q satisfy the convergence condition
(8) S, P, Q, and V satisfy the protection condition
(9) D and P satisfy the adversary closure condition
(10) D, P, and V satisfy the adversary protection condition

28 Theorems
From assertions (2) through (10), the following are concluded:
(11) From (3), (4), and (6), S, P', and Q' satisfy the closure condition
(12) From (3), (4), and (7), S, P', and Q' satisfy the convergence condition
(13) From (2), (3), (4), and (8), S, P', Q', and V' satisfy the protection condition
(14) From (5), D' and P' satisfy the adversary closure condition
(15) From (2), (3), (5), and (10), D', P', and V' satisfy the adversary protection condition
From assertions (11) through (15), it is concluded that S is V'-secure from P' to Q' against D'.

29 References
M. G. Gouda, Elements of Security: Closure, Convergence, and Protection, Information Processing Letters 77 (2001).
