RIFL 1.1: A Common Specification Language for Information-Flow Requirements

Technischer Bericht

Autor(en):Thomas Bauereiß, Simon Greiner, Mihai Herda, Michael Kirsten, Ximeng Li, Heiko Mantel, Martin Mohr, Matthias Perner, David Schneider und Markus Tasch
Institution:TU Darmstadt
Nummer:TUD-CS-2017-0225
Jahr:2017
PDF:

Abstract

The RS3 Information-Flow Specification Language (RIFL) is a policy language for information-flow security. RIFL originated from the need for a common language for specifying security requirements within the DFG priority program Reliably Secure Software Systems (RS3) (http://www.spp-rs3.de). In this report, we present the syntax and informal semantics of RIFL 1.1, the most recent version of RIFL. At this point in time, RIFL is supported by four tools for information-flow analysis. We believe that RIFL can also be useful as a policy language for further tools, and we encourage its adoption and extension by the community.

BibTeX

@TechReport{BauereissGreinerHerdaEA2017,
  author      = {Thomas Bauerei{\ss} and Simon Greiner and
                 Mihai Herda and Michael Kirsten and
                 Ximeng Li and Heiko Mantel
                 and Martin Mohr and Matthias Perner and
                 David Schneider and Markus Tasch},
  title	      = {RIFL 1.1: A Common Specification Language for
                 Information-Flow Requirements},
  institution = {TU Darmstadt},
  year        = {2017},
  abstract    = {The {RS}^{3} Information-Flow Specification Language ({RIFL}) is a policy
                 language for information-flow security. {RIFL} originated from the need
                 for a common language for specifying security requirements within the
                 {DFG} priority program {Reliably} {Secure} {Software} {Systems} ({RS}^{3})
                 (\url{http://www.spp-rs3.de}). In this report, we present the syntax and
                 informal semantics of {RIFL} {1.1}, the most recent version of {RIFL}.
                 At this point in time, {RIFL} is supported by four tools for
                 information-flow analysis. We believe that {RIFL} can also be useful as
                 a policy language for further tools, and we encourage its adoption and
                 extension by the community.},
  month       = aug,
  number      = {TUD-CS-2017-0225},
  pdf         = {http://www.mais.informatik.tu-darmstadt.de/WebBib/papers/2017/RIFL1.1-TechnicalReport.pdf}
}