Logic-based methodology to help security architects in eliciting high-level network security requirements

被引：0

作者：

Laborde, Romain ^{[1
]}

Bulusu, Sravani Teja ^{[1
]}

Wazan, Ahmad Samer ^{[1
]}

Barrere, Francois ^{[1
]}

Benzekri, Abdelmalek ^{[1
]}

机构：

[1] Univ Paul Sabatier, Toulouse, France

来源：

SAC '19: PROCEEDINGS OF THE 34TH ACM/SIGAPP SYMPOSIUM ON APPLIED COMPUTING | 2019年

关键词：

Network Security Requirements; Security Zoning; Integrity Model; Answer Set Programming;

D O I：

10.1145/3297280.3297437

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

In this paper(1), we propose a security methodology that automates the process of security zone specification and high-level network security requirements elicitation. We define a set of formalized rules derived from the principles of complete mediation, least privileges and the Clark-Wilson lite formal model making our approach traceable and verifiable. We implemented the methodology in Answer Set Programming to automatically compute an optimal network security zone model considering the cost of the security solution. A use case study of an e-commerce enterprise network infrastructure illustrates our methodology.

引用

页码：1610 / 1619

页数：10

共 50 条

[21] Logic-Based Security Architecture for Systems Providing Multihop Communication
Almomani, Iman
Al-Banna, Eman
AL-Akhras, Mousa
INTERNATIONAL JOURNAL OF DISTRIBUTED SENSOR NETWORKS, 2013,
[22] A logic-based framework for the security analysis of Industrial Control Systems
Lemaire L.
Vossaert J.
Jansen J.
Naessens V.
Automatic Control and Computer Sciences, 2017, 51 (2) : 114 - 123
[23] A Fuzzy Logic-based Information Security Control Assessment for Organizations
Otero, Angel R.
Tejay, Gurvirender
Otero, Luis Daniel
Ruiz-Torres, Alex J.
2012 IEEE CONFERENCE ON OPEN SYSTEMS (ICOS 2012), 2012, : 190 - 195
[24] HIGH-LEVEL SECURITY ARCHITECTURES AND THE KERBEROS SYSTEM
RUSSELL, D
COMPUTER NETWORKS AND ISDN SYSTEMS, 1990, 19 (3-5): : 201 - 214
[25] High-Level Approaches to Hardware Security: A Tutorial
Pearce, Hammond
Karri, Ramesh
Tan, Benjamin
ACM TRANSACTIONS ON EMBEDDED COMPUTING SYSTEMS, 2023, 22 (03)
[26] Enforcing high-level security properties for applets
Pavlova, M
Barthe, G
Burdy, L
Huisman, M
Lanet, JL
SMART CARD RESEARCH AND ADVANCED APPLICATIONS VI, 2004, 153 : 1 - 16
[27] Physically Feasible Repair of Reactive, Linear Temporal Logic-Based, High-Level Tasks
Pacheck, Adam
Kress-Gazit, Hadas
IEEE TRANSACTIONS ON ROBOTICS, 2023, 39 (06) : 4653 - 4670
[28] Logic-based extensions of stochastic process algebras for high-level performance modelling and evaluation
Klehmet, U
SIMULATION AND MODELLING: ENABLERS FOR A BETTER QUALITY OF LIFE, 2000, : 97 - 101
[29] Malacoda: Towards High-Level Compilation of Network Security Applications on Reconfigurable Hardware
Muehlbach, Sascha
Koch, Andreas
PROCEEDINGS OF THE EIGHTH ACM/IEEE SYMPOSIUM ON ARCHITECTURES FOR NETWORKING AND COMMUNICATIONS SYSTEMS (ANCS'12), 2012, : 247 - 257
[30] Towards ontological approach to eliciting risk-based security requirements
Arogundade, Oluwasefunmi Tale
Jin, Zhi
Yang, Xiaoguang
International Journal of Information and Computer Security, 2014, 6 (02) : 143 - 178

← 1 2 3 4 5 →