Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: Logrippo, Luigi
Format: Preprint
Veröffentlicht: 2024
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2403.07226
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866916156870230016
author Logrippo, Luigi
author_facet Logrippo, Luigi
contents Some theories on data flow security are based on order-theoretical concepts, most commonly on lattice concepts. This paper presents a correspondence between security concepts and partial order concepts, by which the former become an application of the latter. The formalization involves concepts of data flow, equivalence classes of entities that can access the same data, and labels. Efficient, well-known algorithms to obtain one of these from one of the others are presented. Security concepts such as secrecy (also called confidentiality), integrity and conflict can be expressed in this theory. Further, it is shown that complex tuple labels used in the literature to express security levels can be translated into equivalent set labels. A consequence is that any network's data flow or access control relationships can be defined by assigning simple set labels to the entities. Finally, it is shown how several partial orders can be combined when different data flows must coexist.
format Preprint
id arxiv_https___arxiv_org_abs_2403_07226
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle The order-theoretical foundation for data flow security
Logrippo, Luigi
Cryptography and Security
Some theories on data flow security are based on order-theoretical concepts, most commonly on lattice concepts. This paper presents a correspondence between security concepts and partial order concepts, by which the former become an application of the latter. The formalization involves concepts of data flow, equivalence classes of entities that can access the same data, and labels. Efficient, well-known algorithms to obtain one of these from one of the others are presented. Security concepts such as secrecy (also called confidentiality), integrity and conflict can be expressed in this theory. Further, it is shown that complex tuple labels used in the literature to express security levels can be translated into equivalent set labels. A consequence is that any network's data flow or access control relationships can be defined by assigning simple set labels to the entities. Finally, it is shown how several partial orders can be combined when different data flows must coexist.
title The order-theoretical foundation for data flow security
topic Cryptography and Security
url https://arxiv.org/abs/2403.07226