Formal Verification of Security Specifications with Common Criteria

被引:0
|
作者
Morimoto, Shoichi [1 ]
Shigematsu, Shinjiro [2 ]
Goto, Yuichi [2 ]
Cheng, Jingde [2 ]
机构
[1] Adv Inst Ind Technol, Sch Ind Technol, Shinagawa Ku, 1-10-40 Higashi Oi, Tokyo 1400011, Japan
[2] Saitama Univ, Dept Informat & Comp Sci, Sakura Ku, Saitama 3388570, Japan
来源
APPLIED COMPUTING 2007, VOL 1 AND 2 | 2007年
关键词
ISO/IEC; 15408; Z notation; Theorem-proving;
D O I
暂无
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
This paper proposes a formalization and verification technique for security specifications, based on common criteria. Generally, it is difficult to define reliable security properties that should be applied to validate an information system. Therefore, we have applied security functional requirements that are defined in the ISO/IEC 15408 common criteria to the formal verification of security specifications. We formalized the security criteria of ISO/IEC 15408 and developed a pro cess, using Z notation, for verifying security specifications. We also demonstrate some examples of the verification instances using the theorem prover Z/EVES. In the verification process, one can verify strictly whether specifications satisfy the security criteria defined in ISO/IEC 15408.
引用
下载
收藏
页码:1506 / +
页数:2
相关论文
共 50 条
  • [1] Common Criteria Based Security Scenario Verification
    Ohnishi, Atsushi
    SOFTWARE AND DATA TECHNOLOGIES, 2009, 47 : 37 - 47
  • [2] Formal Security Policy Model for a Common Criteria evaluation
    Park, Junkil
    Choi, Jin-Young
    9TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY: TOWARD NETWORK INNOVATION BEYOND EVOLUTION, VOLS 1-3, 2007, : 277 - +
  • [3] FORVEST: A Support Tool for Formal Verification of Security Specifications with ISO/IEC 15408
    Yajima, Kenichi
    Morimoto, Shoichi
    Horie, Daisuke
    Azreen, Noor Sheila
    Goto, Yuichi
    Cheng, Jingde
    2009 INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY (ARES), VOLS 1 AND 2, 2009, : 624 - +
  • [4] Formal verification and validation of interactive systems specifications -: From informal specifications to formal validation
    Aït-Ameur, Y
    Breholée, B
    Girard, P
    Guittet, L
    Jambon, F
    HUMAN ERROR, SAFETY AND SYSTEMS DEVELOPMENT, 2004, 152 : 61 - 76
  • [5] Modular formal verification of specifications of concurrent systems
    Gradara, Sara
    Santone, Antonella
    Vaglini, Gigliola
    Villani, Maria Luisa
    SOFTWARE TESTING VERIFICATION & RELIABILITY, 2008, 18 (01): : 5 - 28
  • [6] A simulation approach to verification and validation of formal specifications
    Liu, SY
    FIRST INTERNATIONAL SYMPOSIUM ON CYBER WORLDS, PROCEEDINGS, 2002, : 113 - 120
  • [7] Formal Verification of AADL Specifications in the Topcased Environment
    Berthomieu, Bernard
    Bodeveix, Jean-Paul
    Chaudet, Christelle
    Dal Zilio, Silvano
    Filali, Mamoun
    Vernadat, Francois
    RELIABLE SOFTWARE TECHNOLOGIES - ADA-EUROPE 2009, 2009, 5570 : 207 - +
  • [8] Formal verification of word-level specifications
    Höreth, S
    Drechsler, R
    DESIGN, AUTOMATION AND TEST IN EUROPE CONFERENCE AND EXHIBITION 1999, PROCEEDINGS, 1999, : 52 - 58
  • [9] Formal verification of abstract system and protocol specifications
    Schneider, Axel
    Bluhm, Thomas
    Renner, Tobias
    Heinkel, Ulrich
    Knaeblein, Joachim
    Zavala, Reynaldo
    30TH ANNUAL IEEE/NASA SOFTWARE ENGINEERING WORKSHOP, PROCEEDINGS, 2006, : 207 - +
  • [10] Verification criterion directed testing for formal specifications
    Zeng, XM
    Tsai, JJP
    Weigert, TJ
    SEKE '96: THE 8TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING, PROCEEDINGS, 1996, : 393 - 399
12345