Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented By: Raquel Whittlesey-Harris 12/04/02

Published byUlrik Hansen Modified over 6 years ago

Similar presentations

Presentation on theme: "Presented By: Raquel Whittlesey-Harris 12/04/02"— Presentation transcript:

1 Presented By: Raquel Whittlesey-Harris 12/04/02
Elements of Security Presented By: Raquel Whittlesey-Harris 12/04/02

2 Contents Introduction Definitions Security Against an Adversary
Example Theorems References 12/29/2018

3 Introduction Stabilization Theory was introduced by Edsger Dijkstra in 1974 Two building blocks of stabilization theory was introduced in 1991, by Anish Arora and Mohamed Gouda The two elements can adequately explain fault-tolerant computing Closure Convergence 12/29/2018

4 Introduction The third element, protection, is introduced here
The three adequately explain system security 12/29/2018

5 Definitions Computing System, Consist of
Nonempty set of variables with values from predefined domains, and Nonempty set of actions that can be executed to update the values of the variables <guard>  <statement> <guard> is a Boolean expression over the system variables <statement> is a sequence of assignment statements over the system variables 12/29/2018

6 Definitions State of system S Computation of system S
Triple (p,c,p’) where, States of S, p (tail state) and p’ (head state) c – guard is true at state p Computation of system S An infinite sequence of transitions of S where the following hold, Order – head state of each transition is the same as the tail state of the next transition in the sequence 12/29/2018

7 Definitions The starting state of the computation,
Fairness – if a sequence has a transition where action c of system S is enabled at p, then c is executed or the sequence has a later transition where c is executed or where c is not enabled at p The starting state of the computation, Is the tail state, p, of the 1st transition in a computation A computation is said to reach state p if a transition has a state, p, as the tail or head state of that transition 12/29/2018

8 Definitions State Predicate of System S
A function that has a Boolean value at each state of S P is a state predicate of system S A state is called a P-state iff the value of P is true at that state P is closed in S iff for each transition (p,c,p’) of S, if p is a P-state, then p’ is a P-state P and Q are two state predicates of system S P implies Q, P  Q, iff for every state p of S, if p is a P-state, then p is a Q-state 12/29/2018

9 Definitions V is a subset of variables of a system S and P and Q are state predicates of S S is called V-safe from P to Q iff the following conditions hold, Closure: P and Q are closed in S and Q  P in S Convergence: Every computation of S that starts at a P-state reaches a Q-state; every computation that starts at an illegitimate state eventually reaches a legitimate state 12/29/2018

10 Definitions Protection: No variable in V is written in any transition (p,c,p’) of S where p is a P-state but no a Q-state; no transition of S that starts at an illegitimate stat can affect the critical variables in V P identifies all reachable states of S that can be reached under any interleaving of system execution and adversary interference Q identifies all legitimate states of system S that can be reached under system execution only 12/29/2018

11 Security Against an Adversary
An Adversary, D, of system is a set of actions of the form <guard>  <statement> Transition of D is a triple (p,d,p’) where, p and p’ are states of S, d is an action of D, guard of D is true at p 12/29/2018

12 Security Against an Adversary
Execution of d when S is in p yields S in p’ P is a state predicate of S and D is an adversary of S P is closed in D iff for each transition (p,d,p’) of D, if p is a P-state, then p’ is a P-state 12/29/2018

13 Security Against an Adversary
V is a subset of variables of S and P and Q are state predicates of S System P is called V-secure from P to Q against D iff the following hold, Safety: S is V-safe from P to Q Adversary Closure: P is closed in D Adversary will maintain the system within the reachable states Adversary cannot corrupt the critical variables in V 12/29/2018

14 Security Against an Adversary
Adversary Protection: No variable in V is written in any transition (p,d,p’) of D where p is a P-state If S is V-secure from P to Q against D, then all computations, C, that start at a Q-state and consist of an infinite # of S transitions and a finite # of D transitions, satisfies, Computation C has an infinite suffix whose transitions are all S transitions and whose states are all Q-states 12/29/2018

15 Security Against an Adversary
Every transition in C that updates the variables in V is an S transition whose tail and head states are Q-states 12/29/2018

16 Example Secure Data xfer System S
Sender process sends a continuous stream of data items to a receiver process via three shared variables that are written by the sender and read by the receiver Shared var seq, data, chk : integer seq – contains the sequence number of the current data item data – contains the current data item 12/29/2018

17 Example Sender has the following variables
chk – contains an integrity check for the current values of seq and data chk = H.(ss|seq|data); a secure hash function applied to the concatenation of a secret value ss and the current values of seq and data ss is known to only the sender and receiver Sender has the following variables local var sent : array [integer] of integer, x : integer sent is an infinite array containing all of the data items to be sent by the sender x is an index of sent 12/29/2018

18 Example Sender contains action,
true  seq := x; data := sent[seq] chk := H.(ss|seq|data); x := x+1 Receiver contains the following local variables, local var rcvd : array[integer] of integer, y, z : integer rcvd is an infinite array containing all data items received by the receiver z is an index of array rcvd y contains the sequence # of the last data item received by the receiver 12/29/2018

19 Example Receiver has one action, Set V of critical variables is,
true  if seq > y H.(ss|seq|data) = chk  y,rcvd[z], z:= seq, data, z+1 [] seq  y H.(ss|seq|data) chk  skip fi Set V of critical variables is, V = {rcvd, z} 12/29/2018

20 Example P and Q are state predicates,
P defines the set of reachable states Q defines the set of legitimate states 12/29/2018

21 Example S is V-safe from P to Q can be shown by showing that the 3 conditions hold P & Q are closed in S & Q  P in S; closure Sender action is continuously enabled & any execution of this action starting from a P-state leads S to a Q-state; convergence 12/29/2018

22 Example Adversary D has one action,
Neither variable in V is updated in any S transition that starts at a (P  not Q)-state; protection Adversary D has one action, Q  seq := any value in the range 0..x-1; data := sent[seq]; chk := H.(ss|seq|data); x:= x+1 D attacks S only when S is at a Q-state By replaying old messages Closure and protection hold S is V-secure from P to Q against D 12/29/2018

23 Theorems Base Theorem Union Theorem
If P is closed in S, Then S is V-secure from P to P against E Union Theorem if S is V-secure from P to Q against D and S is V’-secure from P to Q against D, then S is (VV’)-secure from P to Q against D 12/29/2018

24 Theorems Adversary Union Theorem
If S is V-secure from P to Q against D and S is V-secure from P to Q against D’ then S is V-Secure from P to Q against (DD’) Junctivity Theorem If S is V-secure from Q to P against D and S is V-secure from Q’ to P’ against D, then S is V-secure from Q  Q’ to P  P’ against D, and S is V-secure from Q  Q’ to P  P’ against D 12/29/2018

25 Theorems Transitivity Theorem
If S is V-secure from P to Q against D and S is V-secure from Q to R against D, Then S is V-secure from P to R against D 12/29/2018

26 Theorems Weakening Theorem If S is V-secure from P to Q against D,
V’ is a subset of V, P’ is closed and P’  P in S, Q’ is closed and Q  Q’ and Q’  P’ in S, and D’ is a subset of D and P’ is closed in D’, Then S is V’-secure from P’ to Q’ against D’ 12/29/2018

27 Theorems Proof of the weakening theorem
From the antecedent of the weakening theorem, the following 5 assertions hold S is V-secure from P to Q against D V’ is a subset of V P’ is closed and P’  P in S Q’ is closed and Q  Q’ & Q’  P’ in S D’ is a subset of D and P’ is closed in D’ From (1), the following five assertions hold S, P, & Q satisfy the closure condition S, P, & Q satisfy the convergence condition S, P, Q, & V satisfy the protection condition D & P satisfy the adversary closure condition D, P, & V satisfy the adversary protection condition 12/29/2018

28 Theorems From assertions (2) through (9), the following are concluded
From (3), (4), & (6), S, P’, & Q’ satisfy the closure condition From (3), (4), and (6), S, P’, & Q’ satisfy the convergence condition From (2), (3),(4), and (8), S, P’, Q’, & V’ satisfy the protection condition From (5), D’ & P’ satisfy the adversary closure condition From (2), (3), (5), & (10), D’, P’, & V’ satisfy the adversary protection condition From assertions (11) through (15), it is concluded that S is V’-secure from P’ to Q’ against D’ 12/29/2018

29 References M. G. Gouda, Elements of Security: Closure, convergence, and protection, Information Processing Letters 77 (2001) 12/29/2018

Download ppt "Presented By: Raquel Whittlesey-Harris 12/04/02"

Similar presentations

Completeness and Expressiveness

Completeness and Expressiveness
Some important properties Lectures of Prof. Doron Peled, Bar Ilan University.

Some important properties Lectures of Prof. Doron Peled, Bar Ilan University.
Distributed Snapshots: Determining Global States of Distributed Systems Joshua Eberhardt Research Paper: Kanianthra Mani Chandy and Leslie Lamport.

Distributed Snapshots: Determining Global States of Distributed Systems Joshua Eberhardt Research Paper: Kanianthra Mani Chandy and Leslie Lamport.
Models of Concurrency Manna, Pnueli.

Models of Concurrency Manna, Pnueli.
Program correctness The State-transition model A global state S  s 0 x s 1 x … x s m {s k = local state of process k} S0  S1  S2  … Each state transition.

Program correctness The State-transition model A global state S  s 0 x s 1 x … x s m {s k = local state of process k} S0  S1  S2  … Each state transition.
1.6 Behavioral Equivalence. 2 Two very important concepts in the study and analysis of programs –Equivalence between programs –Congruence between statements.

1.6 Behavioral Equivalence. 2 Two very important concepts in the study and analysis of programs –Equivalence between programs –Congruence between statements.
Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?

Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?
Copyright © Cengage Learning. All rights reserved.

Copyright © Cengage Learning. All rights reserved.
CSE 522 UPPAAL – A Model Checking Tool Computer Science & Engineering Department Arizona State University Tempe, AZ 85287 Dr. Yann-Hang Lee

CSE 522 UPPAAL – A Model Checking Tool Computer Science & Engineering Department Arizona State University Tempe, AZ Dr. Yann-Hang Lee
Introduction to Self-Stabilization Stéphane Devismes.

Introduction to Self-Stabilization Stéphane Devismes.
1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.

1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.
Math 3121 Abstract Algebra I

Math 3121 Abstract Algebra I
Lecture 2: Reasoning with Distributed Programs Anish Arora CSE 6333.

Lecture 2: Reasoning with Distributed Programs Anish Arora CSE 6333.
Introduction to Computability Theory

Introduction to Computability Theory
Chapter 8 - Self-Stabilizing Computing1 Chapter 8 – Self-Stabilizing Computing Self-Stabilization Shlomi Dolev MIT Press, 2000 Draft of January 2004 Shlomi.

Chapter 8 - Self-Stabilizing Computing1 Chapter 8 – Self-Stabilizing Computing Self-Stabilization Shlomi Dolev MIT Press, 2000 Draft of January 2004 Shlomi.
Convergence Refinement Murat Demirbas Anish Arora The Ohio State University.

Convergence Refinement Murat Demirbas Anish Arora The Ohio State University.
Firewall Policy Queries Author: Alex X. Liu, Mohamed G. Gouda Publisher: IEEE Transaction on Parallel and Distributed Systems 2009 Presenter: Chen-Yu Chang.

Firewall Policy Queries Author: Alex X. Liu, Mohamed G. Gouda Publisher: IEEE Transaction on Parallel and Distributed Systems 2009 Presenter: Chen-Yu Chang.
1 Formal Specification and Verification of a Micropayment Protocol Alex X. Liu The University of Texas at Austin, U.S.A. October 13, 2004 Co-author: Mohamed.

1 Formal Specification and Verification of a Micropayment Protocol Alex X. Liu The University of Texas at Austin, U.S.A. October 13, 2004 Co-author: Mohamed.
Discrete Mathematics Lecture 4 Harper Langston New York University.

Discrete Mathematics Lecture 4 Harper Langston New York University.
CS294, YelickSelf Stabilizing, p1 CS 294-8 Self-Stabilizing Systems

CS294, YelickSelf Stabilizing, p1 CS Self-Stabilizing Systems

Similar presentations

Ads by Google