Logic-based methodology to help security architects in eliciting high-level network security requirements

被引：0

作者：

Laborde, Romain ^{[1
]}

Bulusu, Sravani Teja ^{[1
]}

Wazan, Ahmad Samer ^{[1
]}

Barrere, Francois ^{[1
]}

Benzekri, Abdelmalek ^{[1
]}

机构：

[1] Univ Paul Sabatier, Toulouse, France

来源：

SAC '19: PROCEEDINGS OF THE 34TH ACM/SIGAPP SYMPOSIUM ON APPLIED COMPUTING | 2019年

关键词：

Network Security Requirements; Security Zoning; Integrity Model; Answer Set Programming;

D O I：

10.1145/3297280.3297437

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

In this paper(1), we propose a security methodology that automates the process of security zone specification and high-level network security requirements elicitation. We define a set of formalized rules derived from the principles of complete mediation, least privileges and the Clark-Wilson lite formal model making our approach traceable and verifiable. We implemented the methodology in Answer Set Programming to automatically compute an optimal network security zone model considering the cost of the security solution. A use case study of an e-commerce enterprise network infrastructure illustrates our methodology.

引用

页码：1610 / 1619

页数：10

共 50 条

[41] Physically-Feasible Repair of Reactive, Linear Temporal Logic-based, High-Level Tasks
Pacheck, Adam
Kress-Gazit, Hadas
arXiv, 2022,
[42] Towards automation of testing high-level security properties
Hanna, Aiman
Ling, Hai Zhou
Furlong, Jason
Debbabi, Mourad
DATA AND APPLICATIONS SECURITY XXII, 2008, 5094 : 268 - 282
[43] SecHLS: Enabling Security Awareness in High-Level Synthesis
Shi, Shang
Pundir, Nitin
Kamali, Hadi M.
Tehranipoor, Mark
Farahmandi, Farimah
2023 28TH ASIA AND SOUTH PACIFIC DESIGN AUTOMATION CONFERENCE, ASP-DAC, 2023, : 585 - 590
[44] Enforcing high-level security policies for Internet of Things
Koo, ChangJin
Kim, JeongYeon
JOURNAL OF SUPERCOMPUTING, 2018, 74 (09): : 4497 - 4505
[45] Enforcing high-level security policies for Internet of Things
ChangJin Koo
JeongYeon Kim
The Journal of Supercomputing, 2018, 74 : 4497 - 4505
[46] Analyzing Security Vulnerabilities Induced by High-level Synthesis
Pundir, Nitin
Aftabjahani, Sohrab
Cammarota, Rosario
Tehranipoor, Mark
Farahmandi, Farimah
ACM JOURNAL ON EMERGING TECHNOLOGIES IN COMPUTING SYSTEMS, 2022, 18 (03)
[47] A high-level aspect-oriented based language for software security hardening
Mourad, Azzam
Laverdiere, Marc-Andre
Debbabi, Mourad
SECRYPT 2007: PROCEEDINGS OF THE SECOND INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2007, : 363 - 370
[48] A High-level Aspect-oriented-based Framework for Software Security Hardening
Mourad, Azzam
Laverdiere, Marc-Andre
Debbabi, Mourad
INFORMATION SECURITY JOURNAL, 2008, 17 (02): : 56 - 74
[49] A Fuzzy Logic-Based Information Security Management for Software-Defined Networks
Dotcenko, Sergei
Vladyko, Andrei
Letenko, Ivan
2014 16TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY (ICACT), 2014, : 167 - 171
[50] A high-level requirements engineering methodology for electronic system-level design
Gorse, N.
Belanger, P.
Chureau, A.
Aboulhamid, E. M.
Savaria, Y.
COMPUTERS & ELECTRICAL ENGINEERING, 2007, 33 (04) : 249 - 268

← 1 2 3 4 5 →