Breaking the Model: finalisation and a taxonomy of security attack

Research output: Book/ReportOther report

Abstract

It is well known that security properties are not preserved by refinement, and that refinement can introduce new, covert, channels, such as timing channels. The finalisation step in refinement can be analysed to identify some of these channels, as unwanted finalisations that can break the assumptions of the formal model. We introduce a taxonomy of such unwanted finalisations, and give examples of attacks that exploit them.
Original languageEnglish
PublisherDepartment of Computer Science, University of York
Number of pages20
Publication statusPublished - 2004

Publication series

NameYork Computer Science Technical Report
PublisherDepartment of Computer Science, University of York
No.YCS-2004-371
VolumeYCS

Bibliographical note

Freely available.

Keywords

  • Finalisation
  • Observed system
  • Security model assumptions

Cite this