Specifying and verifying secrecy in workflows with arbitrarily many agents

Bernd Finkbeiner; Helmut Seidl; Christian Müller

doi:10.1007/978-3-319-46520-3_11

Specifying and verifying secrecy in workflows with arbitrarily many agents

Bernd Finkbeiner, Helmut Seidl, Christian Müller

Informatics 2 - Chair of Formal Languages, Compiler Construction, Software Construction

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

6 Scopus citations

Abstract

Web-based workflow management systems, like EasyChair, HealthVault, Ebay, or Amazon, often deal with confidential information such as the identity of reviewers, health data, or credit card numbers. Because the number of participants in the workflow is in principle unbounded, it is difficult to describe the information flow policy of such systems in specification languages that are limited to a fixed number of agents. We introduce a first-order version of HyperLTL, which allows us to express information flow requirements in workflows with arbitrarily many agents. We present a bounded model checking technique that reduces the violation of the information flow policy to the satisfiability of a first-order formula. We furthermore identify conditions under which the resulting satisfiability problem is guaranteed to be decidable.

Original language	English
Title of host publication	Automated Technology for Verification and Analysis - 14th International Symposium, ATVA 2016, Proceedings
Editors	Cyrille Artho, Doron Peled, Axel Legay
Publisher	Springer Verlag
Pages	157-173
Number of pages	17
ISBN (Print)	9783319465197
DOIs	https://doi.org/10.1007/978-3-319-46520-3_11
State	Published - 2016
Event	14th International Symposium on Automated Technology for Verification and Analysis, ATVA 2016 - Chiba, Japan Duration: 17 Oct 2016 → 20 Oct 2016

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	9938 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	14th International Symposium on Automated Technology for Verification and Analysis, ATVA 2016
Country/Territory	Japan
City	Chiba
Period	17/10/16 → 20/10/16

Access to Document

10.1007/978-3-319-46520-3_11

Cite this

Finkbeiner, B., Seidl, H., & Müller, C. (2016). Specifying and verifying secrecy in workflows with arbitrarily many agents. In C. Artho, D. Peled, & A. Legay (Eds.), Automated Technology for Verification and Analysis - 14th International Symposium, ATVA 2016, Proceedings (pp. 157-173). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9938 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-46520-3_11

Finkbeiner, Bernd ; Seidl, Helmut ; Müller, Christian. / Specifying and verifying secrecy in workflows with arbitrarily many agents. Automated Technology for Verification and Analysis - 14th International Symposium, ATVA 2016, Proceedings. editor / Cyrille Artho ; Doron Peled ; Axel Legay. Springer Verlag, 2016. pp. 157-173 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{fe749c6a2aa04d5fbf3c5ea35f1dac25,

title = "Specifying and verifying secrecy in workflows with arbitrarily many agents",

abstract = "Web-based workflow management systems, like EasyChair, HealthVault, Ebay, or Amazon, often deal with confidential information such as the identity of reviewers, health data, or credit card numbers. Because the number of participants in the workflow is in principle unbounded, it is difficult to describe the information flow policy of such systems in specification languages that are limited to a fixed number of agents. We introduce a first-order version of HyperLTL, which allows us to express information flow requirements in workflows with arbitrarily many agents. We present a bounded model checking technique that reduces the violation of the information flow policy to the satisfiability of a first-order formula. We furthermore identify conditions under which the resulting satisfiability problem is guaranteed to be decidable.",

author = "Bernd Finkbeiner and Helmut Seidl and Christian M{\"u}ller",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG 2016.; 14th International Symposium on Automated Technology for Verification and Analysis, ATVA 2016 ; Conference date: 17-10-2016 Through 20-10-2016",

year = "2016",

doi = "10.1007/978-3-319-46520-3_11",

language = "English",

isbn = "9783319465197",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "157--173",

editor = "Cyrille Artho and Doron Peled and Axel Legay",

booktitle = "Automated Technology for Verification and Analysis - 14th International Symposium, ATVA 2016, Proceedings",

}

Finkbeiner, B, Seidl, H & Müller, C 2016, Specifying and verifying secrecy in workflows with arbitrarily many agents. in C Artho, D Peled & A Legay (eds), Automated Technology for Verification and Analysis - 14th International Symposium, ATVA 2016, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9938 LNCS, Springer Verlag, pp. 157-173, 14th International Symposium on Automated Technology for Verification and Analysis, ATVA 2016, Chiba, Japan, 17/10/16. https://doi.org/10.1007/978-3-319-46520-3_11

Specifying and verifying secrecy in workflows with arbitrarily many agents. / Finkbeiner, Bernd; Seidl, Helmut; Müller, Christian.
Automated Technology for Verification and Analysis - 14th International Symposium, ATVA 2016, Proceedings. ed. / Cyrille Artho; Doron Peled; Axel Legay. Springer Verlag, 2016. p. 157-173 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9938 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Specifying and verifying secrecy in workflows with arbitrarily many agents

AU - Finkbeiner, Bernd

AU - Seidl, Helmut

AU - Müller, Christian

N1 - Publisher Copyright: © Springer International Publishing AG 2016.

PY - 2016

Y1 - 2016

N2 - Web-based workflow management systems, like EasyChair, HealthVault, Ebay, or Amazon, often deal with confidential information such as the identity of reviewers, health data, or credit card numbers. Because the number of participants in the workflow is in principle unbounded, it is difficult to describe the information flow policy of such systems in specification languages that are limited to a fixed number of agents. We introduce a first-order version of HyperLTL, which allows us to express information flow requirements in workflows with arbitrarily many agents. We present a bounded model checking technique that reduces the violation of the information flow policy to the satisfiability of a first-order formula. We furthermore identify conditions under which the resulting satisfiability problem is guaranteed to be decidable.

AB - Web-based workflow management systems, like EasyChair, HealthVault, Ebay, or Amazon, often deal with confidential information such as the identity of reviewers, health data, or credit card numbers. Because the number of participants in the workflow is in principle unbounded, it is difficult to describe the information flow policy of such systems in specification languages that are limited to a fixed number of agents. We introduce a first-order version of HyperLTL, which allows us to express information flow requirements in workflows with arbitrarily many agents. We present a bounded model checking technique that reduces the violation of the information flow policy to the satisfiability of a first-order formula. We furthermore identify conditions under which the resulting satisfiability problem is guaranteed to be decidable.

UR - http://www.scopus.com/inward/record.url?scp=84992505815&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-46520-3_11

DO - 10.1007/978-3-319-46520-3_11

M3 - Conference contribution

AN - SCOPUS:84992505815

SN - 9783319465197

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 157

EP - 173

BT - Automated Technology for Verification and Analysis - 14th International Symposium, ATVA 2016, Proceedings

A2 - Artho, Cyrille

A2 - Peled, Doron

A2 - Legay, Axel

PB - Springer Verlag

T2 - 14th International Symposium on Automated Technology for Verification and Analysis, ATVA 2016

Y2 - 17 October 2016 through 20 October 2016

ER -

Finkbeiner B, Seidl H, Müller C. Specifying and verifying secrecy in workflows with arbitrarily many agents. In Artho C, Peled D, Legay A, editors, Automated Technology for Verification and Analysis - 14th International Symposium, ATVA 2016, Proceedings. Springer Verlag. 2016. p. 157-173. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-46520-3_11

Specifying and verifying secrecy in workflows with arbitrarily many agents

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this