Formal Specification and Validation of Security Policies

Cited by: 0
Authors
Bourdier, Tony [1 ]
Cirstea, Horatiu [1 ]
Jaume, Mathieu [2 ]
Kirchner, Helene [3 ]
Affiliations
[1] INRIA Nancy Grand Est Res Ctr, Nancy, France
[2] Univ Paris 06, SPI LIP6, F-75252 Paris 05, France
[3] INRIA Bordeaux Sud Ouest Res Ctr, Talence, France
Keywords: ACCESS-CONTROL; LOGIC
DOI: not available
CLC number: TP301 [Theory, methods]
Discipline code: 081202
Abstract
We propose a formal framework for the specification and validation of security policies. To model a secured system, the evolution of security information in the system is described by transitions triggered by authorization requests and the policy is given by a set of rules describing the way the corresponding decisions are taken. Policy rules are constrained rewrite rules whose constraints are first-order formulas on finite domains, which provides enhanced expressive power compared to classical security policy specification approaches like the ones using Datalog, for example. Our specifications have an operational semantics based on transition and rewriting systems and are thus executable. This framework also provides a common formalism to define, compare and compose security systems and policies. We define transformations over secured systems in order to perform validation of classical security properties.
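The abstract above describes a secured system whose security information evolves through transitions triggered by authorization requests, with the policy given as constrained rewrite rules that are executable and can be checked against classical security properties. As an added illustration (not the paper's formalism, not the authors' code, and not the constrained-rewriting calculus the paper uses), the following Python toy has the same shape: a state of ground facts over constructed finite domains, rules made of a request tag, a constraint written as a quantified formula over those domains, and a state-rewriting effect, plus a validator that enumerates every reachable state and reports a request trace that violates a Bell-LaPadula-style secure-state property. All domain names, rules, the two policies and the initial state are assumptions made for this example.

```python
from collections import deque
from typing import Callable, FrozenSet, List, Optional, Tuple

# Constructed finite domains (sample data for this example, not from the paper).
SUBJECTS = ("alice", "bob")
OBJECTS = ("doc",)
LEVELS = (0, 1)                # 0 = public, 1 = secret
MODES = ("read", "write")

# Security information of the system: a frozenset of ground facts
#   ("clr", s, l)     subject s has clearance l
#   ("cls", o, l)     object o is classified at level l
#   ("acc", s, o, m)  subject s currently holds access mode m on object o
State = FrozenSet[tuple]
Request = tuple
# A policy rule: (request tag, constraint, effect). The constraint plays the
# role of a first-order formula over the finite domains (quantifiers become
# all/any); the effect rewrites the security state when the rule fires.
Rule = Tuple[str, Callable[[State, Request], bool], Callable[[State, Request], State]]

def level_of(state: State, kind: str, name: str) -> int:
    return next(f[2] for f in state if f[0] == kind and f[1] == name)

def decide(rules: List[Rule], state: State, req: Request) -> Tuple[str, State]:
    """One authorization request: the first rule whose tag matches and whose
    constraint holds fires (permit + state rewrite); otherwise the request is
    denied and the state is left unchanged."""
    for tag, constraint, effect in rules:
        if req[0] == tag and constraint(state, req):
            return "permit", effect(state, req)
    return "deny", state

# Constraints and effects of a Bell-LaPadula-style policy (assumed here).
def can_read(st, req):        # simple security: clearance dominates classification
    _, s, o = req
    return level_of(st, "clr", s) >= level_of(st, "cls", o)

def can_write(st, req):       # *-property: no write down
    _, s, o = req
    return level_of(st, "clr", s) <= level_of(st, "cls", o)

def grant(st, req):
    mode, s, o = req
    return st | {("acc", s, o, mode)}

def release(st, req):
    _, s, o, m = req
    return st - {("acc", s, o, m)}

def reclassify(st, req):
    _, o, new_level = req
    return frozenset(f for f in st if not (f[0] == "cls" and f[1] == o)) | {("cls", o, new_level)}

def nobody_holds(st, req):    # forall s in SUBJECTS, m in MODES: not acc(s, o, m)
    _, o, _ = req
    return all(("acc", s, o, m) not in st for s in SUBJECTS for m in MODES)

NAIVE_POLICY: List[Rule] = [
    ("read", can_read, grant),
    ("write", can_write, grant),
    ("release", lambda st, r: True, release),
    ("reclassify", lambda st, r: True, reclassify),   # reclassify unconditionally
]
# Same policy, but reclassification is guarded by the quantified constraint above.
TRANQUIL_POLICY: List[Rule] = NAIVE_POLICY[:3] + [("reclassify", nobody_holds, reclassify)]

def all_requests():
    """The finite request space that triggers transitions."""
    for s in SUBJECTS:
        for o in OBJECTS:
            for m in MODES:
                yield (m, s, o)
                yield ("release", s, o, m)
    for o in OBJECTS:
        for lvl in LEVELS:
            yield ("reclassify", o, lvl)

def secure(st: State) -> bool:
    """Property: every held read is dominated by the reader's clearance and
    every held write is dominated by the object's classification."""
    for f in st:
        if f[0] == "acc":
            _, s, o, m = f
            cs, co = level_of(st, "clr", s), level_of(st, "cls", o)
            if (m == "read" and cs < co) or (m == "write" and cs > co):
                return False
    return True

def validate(rules: List[Rule], init: State, prop=secure) -> Optional[List[Request]]:
    """Breadth-first exploration of every state reachable through permitted
    requests. Returns None if prop holds in all of them, otherwise a shortest
    request trace leading to a violating state."""
    seen = {init}
    queue = deque([(init, [])])
    while queue:
        st, trace = queue.popleft()
        if not prop(st):
            return trace
        for req in all_requests():
            decision, nxt = decide(rules, st, req)
            if decision == "permit" and nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + [req]))
    return None

# Constructed initial state: alice is public, bob is secret, doc is public.
INIT: State = frozenset({("clr", "alice", 0), ("clr", "bob", 1), ("cls", "doc", 0)})

if __name__ == "__main__":
    print("naive policy counterexample:", validate(NAIVE_POLICY, INIT))
    print("tranquil policy counterexample:", validate(TRANQUIL_POLICY, INIT))
```

Running it reports a two-step counterexample for NAIVE_POLICY (alice opens a read on doc, then doc is reclassified above her clearance while the read is still held) and None for TRANQUIL_POLICY, whose reclassify rule carries the universally quantified constraint that no access to the object is currently held. Exhaustive exploration terminates here only because every domain, and hence the state and request space, is finite.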
Pages: 148 / +
Page count: 4
Related papers (50 total)
  • [41] Specification and Deployment of Integrated Security Policies for Outsourced Data
    Bkakria, Anis
    Cuppens, Frederic
    Cuppens-Boulahia, Nora
    Gross-Amblard, David
    [J]. DATA AND APPLICATIONS SECURITY AND PRIVACY XXVIII, 2014, 8566 : 17 - 32
  • [42] Applying practical formal methods to the specification and analysis of security properties
    Heitmeyer, C
    [J]. INFORMATION ASSURANCE IN COMPUTER NETWORKS: METHODS, MODELS AND ARCHITECTURES FOR NETWORK SECURITY, PROCEEDINGS, 2001, 2052 : 84 - 89
  • [43] FORMAL SPECIFICATION OF SECURITY REQUIREMENTS USING THE THEORY OF NORMATIVE POSITIONS
    JONES, AJI
    SERGOT, M
    [J]. LECTURE NOTES IN COMPUTER SCIENCE, 1992, 648 : 103 - 121
  • [44] Formal specification and verification of resource bound security using PVS
    Yu, WJ
    Mok, AK
    [J]. SOFTWARE SECURITY - THEORIES AND SYSTEMS, 2004, 3233 : 113 - 133
  • [45] Towards a formal specification method for enterprise information system security
    Sengupta, Anirban
    Barik, Mridul Sankar
    [J]. INFORMATION SYSTEMS SECURITY, PROCEEDINGS, 2006, 4332 : 373 - +
  • [46] Security requirements specification by formal methods: a research metadata analysis
    Mishra, Aditya Dev
    Mustafa, Khurram
    [J]. MULTIMEDIA TOOLS AND APPLICATIONS, 2023, 83 (14) : 41847 - 41866
  • [47] Security Protocol For Distributed Networks using Formal Method Specification
    Nandewal, Arun
    Mahendra, Deepesh
    Chandrasekaran, K.
    [J]. 2016 3RD INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING AND COMMUNICATION SYSTEMS (ICACCS), 2016,
  • [48] Security requirements specification by formal methods: a research metadata analysis
    Mishra, Aditya Dev
    Mustafa, Khurram
    [J]. MULTIMEDIA TOOLS AND APPLICATIONS, 2024, 83 : 41847 - 41866
  • [49] First Results of a Formal Analysis of the Network Time Security Specification
    Teichel, Kristof
    Sibold, Dieter
    Milius, Stefan
    [J]. SECURITY STANDARDISATION RESEARCH, SSR 2015, 2015, 9497 : 218 - 245
  • [50] A Formal Security Framework for Mobile Agent Systems: Specification and Verification
    Loulou, Monia
    Kacem, Ahmed Hadj
    Mosbah, Mohamed
    Jmaiel, Mohamed
    [J]. CRISIS: 2008 THIRD INTERNATIONAL CONFERENCE ON RISKS AND SECURITY OF INTERNET AND SYSTEMS, PROCEEDINGS, 2008, : 69 - 76