Abstractions of non-interference security: probabilistic versus possibilistic

The Shadow Semantics (Morgan, Math Prog Construction, vol 4014, pp 359–378, 2006; Morgan, Sci Comput Program 74(8):629–653, 2009) is a possibilistic (qualitative) model for noninterference security. Subsequent work (McIver et al., Proceedings of the 37th international colloquium conference on Auto...

Bibliographic details
Published in: Formal Aspects of Computing Vol. 26; No. 1; pp. 169 - 194
Main authors: Hoang, Thai Son, McIver, Annabelle K., Meinicke, Larissa, Morgan, Carroll C., Sloane, Anthony, Susatyo, Enrico
Format: Journal Article
Language: English
Published: London Association for Computing Machinery (ACM) 01.01.2014
Springer London
Association for Computing Machinery
Subjects:
ISSN: 0934-5043, 1433-299X
Online access: Full text
Abstract The Shadow Semantics (Morgan, Math Prog Construction, vol 4014, pp 359–378, 2006; Morgan, Sci Comput Program 74(8):629–653, 2009) is a possibilistic (qualitative) model for noninterference security. Subsequent work (McIver et al., Proceedings of the 37th international colloquium conference on Automata, languages and programming: Part II, 2010) presents a similar but more general quantitative model that treats probabilistic information flow. Whilst the latter provides a framework to reason about quantitative security risks, that extra detail entails a significant overhead in the verification effort needed to achieve it. Our first contribution in this paper is to study the relationship between those two models (qualitative and quantitative) in order to understand when qualitative Shadow proofs can be “promoted” to quantitative versions, i.e. in a probabilistic context. In particular we identify a subset of the Shadow’s refinement theorems that, when interpreted in the quantitative model, still remain valid even in a context where a passive adversary may perform probabilistic analysis. To illustrate our technique we show how a semantic analysis together with a syntactic restriction on the protocol description, can be used so that purely qualitative reasoning can nevertheless verify probabilistic refinements for an important class of security protocols. We demonstrate the semantic analysis by implementing the Shadow semantics in Rodin, using its special-purpose refinement provers to generate (and discharge) the required proof obligations (Abrial et al., STTT 12(6):447–466, 2010). We apply the technique to some small examples based on secure multi-party computations.
Author Meinicke, Larissa
Morgan, Carroll C.
Hoang, Thai Son
Sloane, Anthony
McIver, Annabelle K.
Susatyo, Enrico
Author_xml – sequence: 1
  fullname: Hoang, Thai Son
– sequence: 2
  orcidid: 0000-0002-2405-9838
  fullname: McIver, Annabelle K.
– sequence: 3
  orcidid: 0000-0002-5272-820x
  fullname: Meinicke, Larissa
– sequence: 4
  fullname: Morgan, Carroll C.
– sequence: 5
  orcidid: 0000-0002-6802-7360
  fullname: Sloane, Anthony
– sequence: 6
  fullname: Susatyo, Enrico
BackLink https://cir.nii.ac.jp/crid/1872835442656685824 (View record in CiNii)
CODEN FACME5
CitedBy_id crossref_primary_10_1515_phys_2019_0013
Cites_doi 10.1016/j.scico.2007.09.003
10.1145/293347.293350
10.1016/j.ic.2007.07.008
10.1007/978-1-4612-1674-2
10.1007/s10207-004-0039-7
10.1145/1008731.1008734
10.1007/BF00206326
10.1109/JSAC.2002.806121
10.1007/s10009-010-0145-y
10.1016/0167-6423(87)90011-6
10.1007/s00165-010-0164-1
10.1017/CBO9780511624162
10.1109/TIT.1983.1056650
10.1007/978-3-642-03466-4_3
10.1109/SECPRI.2001.924289
10.1007/3-540-45853-0_1
10.5555/1102016
10.1007/978-3-540-78663-4_25
10.1007/11766155_19
10.1007/978-3-642-14162-1_19
10.1109/CSFW.2001.930138
10.1145/168588.168596
10.1109/SP.1984.10019
10.1007/978-3-642-22670-0_34
10.1109/SECPRI.2001.924298
10.1016/S0167-6423(99)00024-6
10.1109/SFCS.2001.959888
10.1007/978-3-642-12459-4_8
10.1109/SFCS.1982.38
10.1007/11783596_21
10.1145/1315245.1315282
10.5555/353677.353681
10.1007/978-1-84882-912-1_12
10.1109/SEFM.2003.1236206
10.1007/978-3-642-12002-2_32
ContentType Journal Article
Copyright British Computer Society 2012
British Computer Society 2014
Copyright_xml – notice: British Computer Society 2012
– notice: British Computer Society 2014
DOI 10.1007/s00165-012-0237-4
Discipline Computer Science
EISSN 1433-299X
EndPage 194
ExternalDocumentID 3170204061
10_1007_s00165_012_0237_4
Genre Feature
ISICitedReferencesCount 2
ISSN 0934-5043
IsDoiOpenAccess false
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Issue 1
Keywords Program refinement
Probabilistic non-interference
Non-interference security
Program semantics
Language English
License http://www.springer.com/tdm
LinkModel DirectLink
ORCID 0000-0002-5272-820x
0000-0002-6802-7360
0000-0002-2405-9838
OpenAccessLink https://dl.acm.org/doi/pdf/10.1007/s00165-012-0237-4
PQID 1473308441
PQPubID 43690
PageCount 26
PublicationCentury 2000
PublicationDate 2014-01-01
20140100
2014-01-00
20140101
PublicationDateYYYYMMDD 2014-01-01
PublicationDate_xml – month: 01
  year: 2014
  text: 2014-01-01
  day: 01
PublicationDecade 2010
PublicationPlace London
PublicationPlace_xml – name: London
PublicationSubtitle Applicable Formal Methods
PublicationTitle Formal Aspects of Computing
PublicationTitleAbbrev Form Asp Comp
PublicationYear 2014
Publisher Association for Computing Machinery (ACM)
Springer London
Association for Computing Machinery
Publisher_xml – name: Association for Computing Machinery (ACM)
– name: Springer London
– name: Association for Computing Machinery
References
[CR1] Abrial, Butler, Hallerstede, Hoang, Mehta, Voisin (2010) Rodin: an open toolset for modelling and reasoning in Event-B. STTT 12(6):447–466. doi:10.1007/s10009-010-0145-y
[CR2] Abrial (1996) The B Book: assigning programs to meanings. doi:10.1017/CBO9780511624162
[CR5] Beaver, Feigenbaum (1991) Foundations of secure interactive computing. CRYPTO ’91. LNCS, vol 576, pp 377–391
[CR9] Backes, Pfitzmann (2004) Computational probabilistic noninterference. Int J Inf Secur 3(1):42–60. doi:10.1007/s10207-004-0039-7
[CR11] Back, von Wright (1998) Refinement calculus: a systematic introduction. doi:10.1007/978-1-4612-1674-2
[CR13] Chor, Goldreich, Kushilevitz, Sudan (1999) Private information retrieval. J ACM 45(6):965–982. doi:10.1145/293347.293350
[CR14] Chaum (1988) The dining cryptographers problem: unconditional sender and recipient untraceability. J Cryptol 1(1):65–75. doi:10.1007/BF00206326
[CR15] Dolev, Yao (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208. doi:10.1109/TIT.1983.1056650
[CR16] Goldwasser, Levin, Menezes, Vanstone (1990) Fair computation of general functions in presence of immoral majority. CRYPTO ’90, pp 77–93
[CR21] Grimmett, Welsh (1986) Probability: an introduction
[CR25] Leino, Joshi (2000) A semantic approach to secure information flow. Sci Comput Program 37(1–3):113–138
[CR29] McIver, Morgan (2011) Compositional refinement in agent-based security protocols. Formal Aspects Comput 23(6):711–737. doi:10.1007/s00165-010-0164-1
[CR32] Morris (1987) A theoretical basis for stepwise refinement and the programming calculus. Sci Comput Program 9(3):287–306. doi:10.1016/0167-6423(87)90011-6
[CR35] Morgan (2009) The Shadow Knows: refinement of ignorance in sequential programs. Sci Comput Program 74(8):629–653. doi:10.1016/j.scico.2007.09.003
[CR36] Micali, Rogaway, Feigenbaum (1991) Secure computation (abstract). CRYPTO ’91. LNCS, vol 576, pp 392–404
[CR37] Paulson (1998) The inductive approach to verifying cryptographic protocols. J Comput Secur 6:85–128
[CR41] Goldreich, Canetti, Halevi (2004) The random oracle methodology, revisited. JACM 51(4):557–594. doi:10.1145/1008731.1008734
[CR42] Santen (2008) Preservation of probabilistic information flow under refinement. Inf Comput 206(2–4):213–249. doi:10.1016/j.ic.2007.07.008
[CR43] Shannon (1948) A mathematical theory of communication. Bell Syst Tech J 27:379–423
[CR44] Sabelfeld, Myers (2003) Language-based information-flow security. IEEE J Sel Areas Commun 21(1):5–19. doi:10.1109/JSAC.2002.806121
StartPage 169
SubjectTerms Computation
Computer Science
Math Applications in Computer Science
Non-interference security
Original Article
Probabilistic non-interference
Program refinement
Program semantics
Theory of Computation
Title Abstractions of non-interference security: probabilistic versus possibilistic
URI https://cir.nii.ac.jp/crid/1872835442656685824
https://link.springer.com/article/10.1007/s00165-012-0237-4
https://www.proquest.com/docview/1473308441
https://www.proquest.com/docview/1494315338
Volume 26