Coinductive Unwinding of Security-Relevant Hyperproperties

• Published in: Secure IT Systems pp. 121 - 136
• Main Authors: Milushev, Dimiter, Clarke, Dave
• Format: Book Chapter
• Language: English
• Published: Berlin, Heidelberg Springer Berlin Heidelberg 2012
• Series: Lecture Notes in Computer Science
• Subjects: Covert Channel; Execution Trace; IEEE Computer Society; Security Policy; Simulation Relation
• ISBN: 3642342094; 9783642342097
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/978-3-642-34210-3_9

Unwinding relations have been widely used to prove that finite systems are secure with respect to a variety of noninterference policies. The latter are prominent instances of security-relevant hyperproperties. As hyperproperties are defined on potentially infinite systems, a new mathematical development is needed in order to (re)use unwinding relations for generic verification of security-relevant hyperproperties. In this paper we propose a framework for coinductive unwinding of security relevant hyperproperties. To illustrate the usefulness of the framework, we show that Mantel’s Basic Security Predicates (BSPs), the noninterference policies they compose, as well as their respective unwinding relations, have a meaningful coinductive reinterpretation. We prove that in a number of cases the coinductive variants of the unwinding relations imply the respective coinductive variants of the BSPs. Moreover, the latter can be used to compose high-level security-relevant hyperproperties for both finite and infinite systems. A number of the unwinding theorems also hold as expected. In conclusion, the proposed framework and results are useful both theoretically in the study of hyperproperties and in practice for verification of hyperproperties on potentially infinite systems.