Checking security policies through an enhanced Control Flow Analysis

被引：4

作者：

Bodei, Chiara ^{[1
]}

Degano, Pierpaolo ^{[1
]}

Priami, Corrado ^{[2
]}

机构：

[1] Univ Pisa, Dipartimento Informat, Via F Buonarroti 2, I-56127 Pisa, Italy

[2] Univ Trento, Dipartimento Informat & Telecomunicaz, I-1438050 Povo, TN, Italy

来源：

JOURNAL OF COMPUTER SECURITY | 2005年 / 13卷 / 01期

关键词：

Control Flow Analysis; security; access control policies; enhanced semantics;

D O I：

10.3233/JCS-2005-13103

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

We introduce a Control Flow Analysis that statically approximates the dynamic behaviour of mobile processes, expressed in (a variant of) the pi-calculus. Our analysis of a system is able to describe the essential behaviour of each sub-system, tracking where and between which sub-processes communications may occur. This means that we can safely approximate the behaviour of a system plugged in a larger and mainly unknown context, without explicitly analysing it. Several possible properties can be investigated using this approximation, among which some related to confidentiality and to access control policies.

引用

页码：49 / 85

页数：37

共 50 条

[31] An economic analysis of security policies
Brück, T
DEFENCE AND PEACE ECONOMICS, 2005, 16 (05) : 375 - 389
[32] Analysis of privacy and security policies
Bertino, E.
Brodie, C.
Calo, S. B.
Cranor, L. F.
Karat, C.
Karat, J.
Li, N.
Lin, D.
Lobo, J.
Ni, Q.
Rao, P. R.
Wang, X.
IBM JOURNAL OF RESEARCH AND DEVELOPMENT, 2009, 53 (02)
[33] Remote data possession checking with enhanced security for cloud storage
Yu, Yong
Zhang, Yafang
Ni, Jianbing
Au, Man Ho
Chen, Lanxiang
Liu, Hongyu
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2015, 52 : 77 - 85
[34] Internet commerce security: issues and models for control checking
Hansen, JV
JOURNAL OF THE OPERATIONAL RESEARCH SOCIETY, 2001, 52 (10) : 1159 - 1164
[35] Symbolic partial model checking for security analysis
Martinelli, F
COMPUTER NETWORK SECURITY, 2003, 2776 : 122 - 134
[36] Parameterized model checking for security policy analysis
Ranise, Silvio
Anh Truong
Traverso, Riccardo
INTERNATIONAL JOURNAL ON SOFTWARE TOOLS FOR TECHNOLOGY TRANSFER, 2016, 18 (05) : 559 - 573
[37] Parameterized model checking for security policy analysis
Silvio Ranise
Anh Truong
Riccardo Traverso
International Journal on Software Tools for Technology Transfer, 2016, 18 : 559 - 573
[38] Automating ROS2 Security Policies Extraction through Static Analysis
Zanatta, Giacomo
Caiazza, Gianluca
Ferrara, Pietro
Negrini, Luca
White, Ruffin
2024 IEEE/RSJ INTERNATIONAL CONFERENCE ON INTELLIGENT ROBOTS AND SYSTEMS, IROS 2024, 2024, : 3627 - 3634
[39] Promoting Nutrition Security Through Policies and Programs
Churchwell, Keith
Scarmo, Stephanie
Lloyd-Jones, Donald M.
CIRCULATION, 2022, 146 (01) : E1 - E2
[40] Model Checking Agent Knowledge in Dynamic Access Control Policies
Koleini, Masoud
Ritter, Eike
Ryan, Mark
TOOLS AND ALGORITHMS FOR THE CONSTRUCTION AND ANALYSIS OF SYSTEMS, TACAS 2013, 2013, 7795 : 448 - 462

← 1 2 3 4 5 →