Security Abstractions and Intruder Models (Extended Abstract)

Abstract

Process algebraic specifications of distributed systems are increasingly being targeted at identifying security primitives well-suited as high-level programming abstractions, and at the same time adequate for security analysis and verification. Drawing on our earlier work along these lines [Bugliesi, M. and R. Focardi, Language based secure communication , in: Proceedings of the 21st IEEE Computer Security Foundations Symposium, CSF 2008, Pittsburgh, Pennsylvania, 23-25 June 2008 (2008), pp. 3–16], we investigate the expressive power of a core set of security and network abstractions that provide high-level primitives for the specifications of the honest principals in a network as well as the lower-level adversarial primitives that must be assumed available to an attacker. We analyze various bisimulation equivalences for security, arising from endowing the intruder with ( i ) different adversarial capabilities and ( ii ) increasingly powerful control on the interaction among the distributed principals of a network. By comparing the relative strength of the bimimulation equivalences we obtain a direct measure of the discriminating power of the intruders, hence of the expressiveness of the corresponding models.