A Formal Equivalence Classes Based Method for Security Policy Conformance Checking
Abstract
Different security policy models have been developed and published in the past. Proven security policy models, if correctly implemented, guarantee the protection of data objects from unauthorized access or usage or prevent an illegal information flow. To verify that a security policy model has been correctly implemented, it is important to define and execute an exhaustive list of test cases, which verify that the formal security policy neither has been over-constrained nor under-constrained. In this paper we present a method for defining an exhaustive list of test cases, based on formally described equivalence classes that are derived from the formal security policy description.
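To make the abstract's idea concrete, here is an added example (not the paper's own method or code) that derives equivalence classes from a small, assumed two-rule policy, picks one test case per class, and classifies a candidate implementation as conforming, over-constrained (denies what the policy allows) or under-constrained (allows what the policy denies). The lattice, policy rules and the two candidate implementations are all constructed for illustration.

```python
from itertools import product

LEVELS = {"public": 0, "internal": 1, "secret": 2}  # assumed lattice, not from the paper

def policy(op, subj, obj):
    """Formal policy (assumed): reads need subject >= object (no read-up),
    writes need subject <= object (no write-down)."""
    s, o = LEVELS[subj], LEVELS[obj]
    return s >= o if op == "read" else s <= o

def equivalence_classes():
    """Classes derived from the policy predicates: each predicate depends only on
    how the subject level is ordered against the object level, so (op, ordering)
    identifies one class and every member of a class must get the same decision."""
    return [(op, rel) for op in ("read", "write") for rel in ("<", "=", ">")]

def representative(op, rel):
    """Pick one concrete (op, subject, object) test case out of a class."""
    cmp = {"<": lambda s, o: s < o, "=": lambda s, o: s == o, ">": lambda s, o: s > o}[rel]
    for subj, obj in product(LEVELS, LEVELS):
        if cmp(LEVELS[subj], LEVELS[obj]):
            return (op, subj, obj)
    raise ValueError(f"empty class {(op, rel)}")  # would mean the partition is malformed

def check_conformance(impl):
    """Run one test per class; report 'ok', 'over' (policy allows, impl denies)
    or 'under' (policy denies, impl allows) for each class."""
    verdicts = {}
    for op, rel in equivalence_classes():
        case = representative(op, rel)
        expected, actual = policy(*case), impl(*case)
        verdicts[(op, rel)] = "ok" if expected == actual else ("over" if expected else "under")
    return verdicts

# Two constructed candidate implementations used to exercise the checker.
def impl_strict(op, subj, obj):   # over-constrained: rejects reads at equal level
    s, o = LEVELS[subj], LEVELS[obj]
    return s > o if op == "read" else s <= o

def impl_leaky(op, subj, obj):    # under-constrained: lets any subject write anywhere
    s, o = LEVELS[subj], LEVELS[obj]
    return s >= o if op == "read" else True

if __name__ == "__main__":
    for name, impl in (("strict", impl_strict), ("leaky", impl_leaky)):
        print(name, {k: v for k, v in check_conformance(impl).items() if v != "ok"})
```

Because the classes partition the policy's input space, one representative per class is enough to catch both kinds of deviation while keeping the test list small.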
Similar resources
A short introduction to two approaches in formal verification of security protocols: model checking and theorem proving
In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as an example of this...
Conformance of Distributed Systems
This paper introduces a new conformance relation between a specification and an implementation of a distributed system. It is based on a local view which allows to avoid or reduce the state explosion problem. The conformance relation is defined via Petri nets and shows not only equivalence between transitions but also equivalence between local states. This equivalence depends on the structural ...
Runtime Verification for Generic Classes with ConGu 2
Even though generics became quite popular in mainstream object-oriented (OO) languages, approaches for checking at runtime the conformance of such programs against formal specifications still lack appropriate support. In order to overcome this limitation within CONGU, a tool-based approach we have been developing to support runtime conformance checking of Java programs against algebraic specific...
Permission to speak: A logic for access control and conformance
Formal languages for policy have been developed for access control and conformance checking. In this paper, we describe a formalism that combines features that have been developed for each application. From access control, we adopt the use of a saying operator. From conformance checking, we adopt the use of operators for obligation and permission. The operators are combined using an axiom that ...
On the Verification of a WiMax Design Using Symbolic Simulation
In top-down multi-level design methodologies, design descriptions at higher levels of abstraction are incrementally refined to the final realizations. Simulation based techniques have traditionally been used to verify that such model refinements do not change the design functionality. Unfortunately, with computer simulations it is not possible to completely check that a design transformation is...