Formal Information-Flow Analysis of Component-Based Systems

The Project

A central question in IT Security is to ensure accessibility to sensible data for authorized people only. Furthermore, the use of component-based systems allows a modular design of software and inmproves the reusability of system parts.

Our goal is to perform security analysis of component-based systems during system design. We concentrate on confidentiality of information and aim for a correct method of analysis.

In cooperation with our project partner, we choose a real world example and provide a matching component model of the system. According to the system implementation, we refine the system into different parts and provide a specification reflecting the actual behaviour of the parts. Finally, we analyse the model with respect to security properties using methods from information-flow analysis.

The project is led by Prof. Bernhard Beckert and managed by Simon Greiner. It is part of the BMBF-funded Software Campus Project. We cooperate with partners from DHL IT-Services.

funded by; in cooperation with:
Bundesministerium für Bildung und Forschung Deutsche Post DHL