Brewer-Nash Scrutinised: Mechanised Checking of Policies Featuring Write Revocation

Bibliographic Details
Published in: 2024 IEEE 37th Computer Security Foundations Symposium (CSF), pp. 112-126
Main Authors: Capozucca, Alfredo; Cristia, Maximiliano; Horne, Ross; Katz, Ricardo
Format: Conference Proceeding
Language: English
Published: IEEE 08.07.2024
Summary: This paper revisits the Brewer-Nash security policy model inspired by ethical Chinese Wall policies. We draw attention to the fact that write access can be revoked in the Brewer-Nash model. The semantics of write access were underspecified originally, leading to multiple interpretations for which we provide a modern operational semantics. We go on to modernise the analysis of information flow in the Brewer-Nash model, by adopting a more precise definition adapted from Kessler. For our modernised reformulation, we provide full mechanised coverage for all theorems proposed by Brewer & Nash. Most theorems are established automatically using the tool {log} with the exception of a theorem regarding information flow, which combines a lemma in {log} with a theorem mechanised in Coq. Having covered all theorems originally posed by Brewer-Nash, achieving modern precision and mechanisation, we propose this work as a step towards a methodology for automated checking of more complex security policy models.
ISSN: 2374-8303
DOI: 10.1109/CSF61375.2024.00042