Transfer and enhancement of information-flow control techniques to develop secure systems using the example of workflow systems (MORES2)

传输和增强信息流控制技术，以使用工作流系统示例开发安全系统（更多2）

• 批准号: 183700043
• 负责人: Professor Dr. Dieter Hutter
• 金额: --
• 依托单位: Deutsches Forschungszentrum für Künstliche Intelligenz GmbH (DFKI), Bremen
• 依托单位国家: 德国
• 项目类别: Priority Programmes
• 财政年份: 2010
• 资助国家: 德国
• 起止时间: 2009-12-31 至 2016-12-31
• 项目状态: 已结题
• 来源: https://gepris.dfg.de/gepris/projekt/183700043?language=en
• 关键词: Transfer; enhancement; information; flow; control

The project MORES2 continues the evolution of a framework for developing secure workflow systems started in the predecessor project MORES. MORES was engaged in the modeling and verification of security properties for workflow systems considering the different types of requested security properties (e.g. information-flow control, separation of duty) at a particular level of abstraction, providing various decomposition techniques. Now, MORES2 aims at the development of appropriate refinement techniques for these workflow specifications. In particular, the notion of refinement to be developed has to support the refinement of the various aspects (e.g. activities, data, users) of workflows and also has to be able to translate the security properties considered in MORES to corresponding properties in other refinement levels. Translated security guarantees of higher abstraction levels will serve as initial building blocks for the verification of security properties on lower levels. However, we cannot expect that the notion of refinement will preserve the security guarantees in general because otherwise the arising restrictions would render such a refinement impracticable. Additionally, changing the abstraction level may also result in a refinement of the abilities of an attacker observing the workflow, which causes a change of how the required security guarantees are formulated. In MORES2 we will develop techniques to make use of security guarantees of higher abstraction levels in verifying the corresponding security properties on lower abstraction levels. We will provide a corresponding verification tool support based on existing interactive proof systems.Combining the upcoming results of MORES2 with the decomposition techniques developed in MORES, we will provide an integrated approach supporting security-in-the-large for workflow systems. Applying the decomposition techniques reduces the size of the components to be verified and improves the scalability of the verification tasks in general. The refinement techniques allow one to reuse the security guarantees of higher abstraction levels to verify the security of lower levels resulting in simpler proof tasks. This approach will be evaluated using the reference scenario Security in Web-based Workflow Management Systems of the priority programme by specifying it on various abstraction levels and using it to exemplify the translation of the arising security properties along the refinement hierarchy.

MORES2项目延续了在前身项目规范中开始的开发安全工作流系统的框架的演变。MORES致力于对工作流系统的安全属性进行建模和验证，考虑到特定抽象级别的不同类型的请求安全属性(如信息流控制、职责分离)，提供了各种分解技术。现在，MORES2的目标是为这些工作流规范开发适当的精化技术。具体地说，要开发的细化概念必须支持对工作流的各个方面(例如，活动、数据、用户)的细化，并且还必须能够将通常考虑的安全属性转换为其他细化级别中的相应属性。转换后的较高抽象级别的安全保证将作为较低级别上的安全属性验证的初始构建块。然而，我们不能期望改进的概念将保留一般的安全保障，因为否则产生的限制将使这种改进变得不切实际。此外，更改抽象级别还可能导致攻击者观察工作流的能力得到改进，从而导致所需安全保证的制定方式发生变化。在MORES2中，我们将开发技术来利用较高抽象级别的安全保证来验证较低抽象级别上的相应安全属性。我们将在现有交互证明系统的基础上提供相应的验证工具支持，并将MORES2即将取得的结果与MORES的分解技术相结合，为工作流系统提供一种支持整体安全的集成方法。应用分解技术减小了要验证的组件的大小，并且总体上提高了验证任务的可伸缩性。精化技术允许人们重用较高抽象级别的安全保证来验证较低级别的安全性，从而使证明任务更简单。这一方法将使用优先方案的基于Web的工作流管理系统中的参考场景安全进行评估，方法是在不同的抽象级别上指定它，并使用它来举例说明沿着改进层次结构产生的安全属性的转换。