CAJ | 학술논문

在复杂构件化软件的设计和实现过程中，由于安全属性的可组合性难以实现，使得系统整体的安全需求难以得到有效保证，因而安全属性的规约和验证问题是构件化软件开发过程中关注的关键问题。针对当前构件化软件设计过程中，信息流安全属性仅局限于二元安全级格模型的问题，在现有安全接口结构基础上提出广义安全接口结构，在广义安全接口结构上定义精化关系，并利用这一精化关系定义了能够支持任意有限格模型的基于安全多执行的无干扰属性，首次将安全多执行的思想应用于构件化系统的信息流安全属性验证。使用 Coq 定理证明工具实现了接口自动机程序库以及对精化关系的判定过程，并用实例验证说明了无干扰属性定义的特点及判定方法的有效性。
재복잡구건화연건적설계화실현과정중，유우안전속성적가조합성난이실현，사득계통정체적안전수구난이득도유효보증，인이안전속성적규약화험증문제시구건화연건개발과정중관주적관건문제。침대당전구건화연건설계과정중，신식류안전속성부국한우이원안전급격모형적문제，재현유안전접구결구기출상제출엄의안전접구결구，재엄의안전접구결구상정의정화관계，병이용저일정화관계정의료능구지지임의유한격모형적기우안전다집행적무간우속성，수차장안전다집행적사상응용우구건화계통적신식류안전속성험증。사용 Coq 정리증명공구실현료접구자동궤정서고이급대정화관계적판정과정，병용실례험증설명료무간우속성정의적특점급판정방법적유효성。
In the design and implementation of complicated component‐based softwares ,the security requirements on the whole system are hard to achieve due to the difficulty on enforcing the compositionality of the security properties .The specification and verification of security properties are the critical issues in the development of component‐based softwares .In this paper ,we focus on the generalization on the security lattice over the information flow security properties enforceable on the component‐based softwares .The previous definitions of the information flow security properties in the component‐based design are restricted on the binary security lattice model .In this work ,we extend the interface structure for security to the generalized interface structure for security (GISS ) . We define a refinement relation and use this relation to give a non‐interference definition (SME‐NI) based on the principle of secure multi‐execution .This is the first application of secure multi‐execution on the information flow security verification of component‐based systems . The new definition of non‐interference can be adapted to any finite security lattice models .The Coq proof assistant is used to implement the certified library for interface automata , as well as the decision procedure for the refinement relation .The experimental results show the characteristics of SME‐NI and the validity of decision procedure .