350 rub
Journal Highly available systems №3 for 2013 г.
Article in number:
Verification of information flows for design of secure information systems with embedded devices
Keywords: security information flows embedded devices
Authors:
V.A. Desnitsky - Research Scientist, St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences (SPIIRAS). E-mail: desnitsky@comsec.spb.ru
I.V. Kotenko - Research Scientist, St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences (SPIIRAS). E-mail: ivkote@comsec.spb.ru
A.A. Chechulin - Head of Laboratory, St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences (SPIIRAS). E-mail: chechulin@comsec.spb.ru
Abstract:
The presence of hardware resource constraints on embedded devices causes complexity of application of traditional cryptographic and other protection means used to provide security of personal computers and servers. Therefore security of information systems with embedded devices requires specific approaches to design security mechanisms providing resistance of the system to attacks not only through extra protection means, but at the expense of peculiarities of the architecture of the system. As a way to achieve this goal an analysis of information system with embedded devices at all design stages allows avoiding architectural defects lessening security level of the system. An important result of the work is a verification technique to check information flows. The goal of the technique is to evaluate security of the developed system with embedded devices, check correctness of the security policy and determine the level of accordance of information flows of the real system to the assigned policies. We applied model checking to verify security policy rules describing information flows by means of software tool SPIN. Such verification is related to the methods of static system analysis. Its fulfillment at initial stages of the system design provides earlier revelation of contradictions within the security policy as well as inconsistencies of the information system topology. In contrast to dynamic analysis comprising testing implemented devices on the basis of testing attack vectors the proposed verification approach allows lessening the amounts of actions to be conducted repeatedly after correction of detected design errors. We singled out one of the most important anomaly types, shadowing anomaly, which the verification is oriented to. A presence of this anomaly supposes the rule is never held due to a fact that there is one of a number of other rules overriding it. The anomaly witnesses a probable error in the policy, which should be revised. An advantage of the proposed verification is the possibility to ensure security of the system if the model behavior agreed with the real system one. The drawbacks includes a great volume of computational resources involved in analysis of complex models, false positive alarms (i.e. warnings about potential information flows that will not be in the real system) and incompleteness, since a model (not the real system) is checked.
Pages: 112-117
References

  1. Desniczkij V.A., Kotenko I.V. Proektirovanie zashhishhenny'x vstroenny'x ustrojstv na osnove konfigurirovaniya // Problemy' informaczionnoj bezopasnosti. Komp'yuterny'e sistemy'. 2013. № 1.
  2. Desniczkij V.A., Chechulin A.A. Modeli proczessa postroeniya bezopasny'x vstroenny'x sistem // Sistemy' vy'sokoj dostupnosti. 2011. № 2. S. 97-101.
  3. Kotenko I.V., Desniczkij V.A., Chechulin A.A. Issledovanie texnologii proektirovaniya bezopasny'x vstroenny'x sistem v proekte Evropejskogo soobshhestva SecFutur // Zashhita informaczii. Insajd. 2011. № 3. S. 68-75.
  4. Pistoia M., Chandra S., Fink S., Yahav E. A Survey Of Static Analysis Methods For Identifying Security Vulnerabilities In Software Systems // IBM Systems Journal. 2007. P. 2007.
  5. Rae A., Fidge C. Identifying Critical Components during Information Security Evaluations // Journal of Research and Practice in Information Technology. 2005. P. 391-402.
  6. Ruiz J. F., Desnitsky V., Harjani R., Manna A., Kotenko I., Chechulin A. A Methodology for the Analysis and Modeling of Security Threats and Attacks for Systems of Embedded Components. 20th Euromicro International Conference on Parallel, Distributed, and Network-Based Processing (PDP 2012). Garching/Munich. February 2012.
  7. Glossarij terminov po informaczionnoj bezopasnosti. http://www.z-it.ru/usefull-information/glossary.
  8. Chechulin A.A., Kotenko I.V., Desniczkij V.A. Analiz informaczionny'x potokov dlya postroeniya zashhishhenny'x sistem so vstroenny'mi ustrojstvami // Sistemy' vy'sokoj dostupnosti. 2012. № 2. S. 116-122.
  9. Braghin C., Sharygina N., Barone-Adesi K. A model checking-based approach for security policy verification of mobile systems // Formal Aspects of Computing Journal. 2011. P. 627-648.
  10. Hedin D., Sabelfeld A. A Perspective on Information-Flow // Summer School Control Tools for Analysis and Verification of Software Safety and Security. Marktoberdorf. Germany. 2011.
  11. Agaskar A., He T., Tong L. Distributed Detection of Multi-hop Information Flows with Fusion Capacity Constraints // Signal Processing, IEEE Transactions on IEEE. 2010. V. 58. № 6. P. 3373-3383.
  12. Sprintson A., El Rouayheb S., Georghiades C. A New Construction Method for Networks from Matroids // Proceedings of the 2009 IEEE international conference on Symposium on Information Theory (ISIT-09). 2009.
  13. Baier C., Katoen J.-P. Principles of Model Checking. The MIT Press. 2008. 984 p.
  14. SecFutur project website. http://secfutur.eu
  15. Polubelova O.V., Kotenko I.V. Metodika verifikaczii pravil fil'traczii metodom «proverki na modeli» // Problemy' informaczionnoj bezopasnosti. Komp'yuterny'e sistemy'. 2013. № 1.
  16. Chechulin A., Kotenko I., Desnitsky V. A Combined Approach for Network Information Flow Analysis for Systems of Embedded Components // Lecture Notes in Computer Science. Springer-Verlag. V. 7531. The 6th International Conference «Mathematical Methods, Models and Architectures for Computer Networks Security» (MMM-ACNS-2012). October 17-19, 2012. St. Petersburg, Russia. P. 146-155.
  17. Desnitsky V., Kotenko I., Chechulin A. Configuration-based approach to embedded device security // Lecture Notes in Computer Science, Springer-Verlag. V. 7531. The 6th International Conference «Mathematical Methods, Models and Architectures for Computer Networks Security» (MMM-ACNS-2012). October 17-19, 2012, St. Petersburg, Russia. P. 270-285.