Search Results

You are looking at 1 - 10 of 27 items :

  • "Information flow control" x
Clear All

it – Information Technology 2014; 56(6): 294–299 DE GRUYTER OLDENBOURG Special Issue Thomas Bauereiß and Dieter Hutter* Information flow control for workflow management systems Abstract: Workflow management plays an important role in analyzing and automating business processes. Secu- rity requirements in workflow management systems are typically mapped to (role-based) access control configura- tions. This paper focuses on information flow control, tak- ing into account implicit information leaks. The presented approach operates on a specification level in which

showhowan informal confiden- tiality requirement can be formalized in the specification language RIFL and how this requirement can be verified in the app store Cassandra using the RSCP security anal- yser. In particular, we demonstrate how Cassandra inte- grates the information-flow analysis by the RSCP security analyser into the installation process of an app from the perspective of a user. Keywords: Information flow control, mobile platform se- curity, security requirements, specification languages, ver- ification. ACM CCS: Security and privacy→ Systems security→ In

techniques, such as certifi- cates, donot analyse theactual behaviour of programsand thus cannot provide guarantees about integrity and confi- dentiality of software. Information flow control (IFC) is an additional fine-grained analysis of software source or ma- chine code, which uncovers all security leaks, or provides a true guarantee about integrity resp. confidentiality. IFC is typically based on some notion of noninterference, which demands that public behaviour is not influenced by secret *Corresponding author: Jürgen Graf, Karlsruhe Institute of Technology, e


In this paper the architecture of the software designed for management of position and identification data of floating and flying objects in Maritime areas controlled by Polish Border Guard is presented. The software was designed for managing information stored in a distributed system with two variants of the software, one for a mobile device installed on a vessel, an airplane or a car and second for a central server. The details of implementation of all functionalities of the MapServer in both, mobile and central, versions are briefly presented on the basis of information flow diagrams.


The invasive computing paradigm offers applications the possibility to dynamically spread their computation in a multicore/multiprocessor system in a resource-aware way. If applications are assumed to act maliciously, many security problems arise. In this acticle, we discuss different ways to deal with security problems in a resource-aware way. We first formalize the attacker model and the different security requirements that applications may have in multi-core systems. We then survey different hardware and software security mechanisms that can be dynamically configured to guarantee security on demand for invasive applications.

power plants or computing clouds. Challenges to software dependability, in particular soft- ware security will be enormous. We use the example of smart powermeters to discussadvanced technologies for the protection of integrity and confidentiality of software and data in virtualized infrastructures. We show that approaches based on homomor- phic encryption, proof-carrying code, information flow control, deductive verification, and runtime verification are promising candidates for providing solutions to a plethora of representative challenges in the domain of


News about various information security attacks against companies appears almost every day. The sources of these attacks vary from cyber-criminals who want to steal companies’ data to demand a ransom, to current or former employees who want to create damage to the organization. The best way to defend organizational critical assets is to implement an Information Security Management System that secures all sensitive assets from confidentiality, availability and integrity perspective. An Information Security Management System offers top management a framework for sensitive information flow control. This framework includes with a risk assessment that considers the security threats and vulnerabilities of the company’s assets. Companies usually implement Information Security Management System only after they have a functional quality management system, which brings clarity and optimization to the company’s processes. Current approaches on creation and implementation of effective Information Security Management System are very theoretical and thus difficult to use in practice. The main objective of this paper is to present an Information Security Management System implementation method in the case of a small company by defining the basic steps in achieving a fully functional Information Security Management System. The proposed methodology considers the top management Information Security Management System objectives, organizational context, risks assessment and third parties expectations fulfillment.


, Christian Hammer, Martin Hecker, Martin Mohr, Daniel Wasserrab Checking probabilistic noninterference using JOANA 280 Sarah Ereth, Steffen Lortz, Matthias Perner Confidentiality for Android apps: Specification and verification 288 Thomas Bauereiß, Dieter Hutter Information flow control for workflow management systems 294 Ralf Küsters, Tomasz Truderung Security in e-voting 300 Self-Portrayals of GI Junior Fellows Björn Scheuermann Designing networks for challenging applications 307 Wim Martens Theory for processing data on the Web 310 Distinguished Dissertations Juraj

the values of one address space are the same in two states, when the system sends the same action, the value in this address space should remain the same. These four sets of rules indicate the separation ruleswhich should be followed in a cloud computing environment. They are closely related to information flow in the cloud computing system, covering the information flow control between virtual machines, information flow control between tenants, as well as the separation roles played by management information flow [ 15 , 16 , 17 , 18 ]. 4 Security analysis Rule 3

Resilience by Usable Security Sven Wohlgemuth Abstract Resilience is introduced as the new security goal supported with security/safety-related information by data-centric services for predictive risk management in real-time. The problem is that data-centric services threaten resilience. Although privacy as a state of equilibrium and its enforcement with usable security by identity management aims actually at decreasing users’ own risk, its use by data-centric services for unilateral information flow control hinders maximizing entropy of information