Formal Specification of Security-relevant Properties of User Interfaces
Authors
Abstract
When sensitive information is exchanged with the user of a computer system, the security of the system’s user interface must be considered. In this paper, we show how security-relevant properties of a user interface can be modelled and specified using the Object Constraint Language (OCL).
Similar resources
Z Styles for Security Properties and Modern User Interfaces
This paper describes two new styles for using Z. The first style, based on earlier work for the UK Government, is suitable for the specification of security properties in the shape of a formal security policy model. The second, an extension of the Established Strategy, is useful for specifying systems with modern graphical user interfaces and also for showing satisfaction of security properties...
A methodology for secure interactive systems
This dissertation introduces a methodology for formal specification and verification of user interfaces under security aspects. The methodology allows formal methods to be used pervasively in the specification and verification of human-computer interaction. This work consists of three parts. In the first part, a formal methodology for the description of human-computer interaction is developed. In t...
Security protocols analysis: A SDL-based approach
Organizations need to develop formally analyzed systems in order to achieve well-known formal method benefits. In order to study the security of communication systems, we have developed a methodology for the application of the formal analysis techniques, commonly used in communication protocols, to the analysis of cryptographic protocols. In particular, we have extended the design and analysis ...
On a formal framework for security properties
A new approach to property-based characterisation of security requirements is presented. The main goal is to provide a framework for the specification of a wide variety of security requirements with formal semantics in terms of security properties of a discrete model of a system. In contrast to previous approaches it is not focused on a special type of security property. The classical concept o...
Formal Reasoning about Dialogue Properties with Automatic Support
One of the advantages of using formal methods in the design of human–computer interfaces is the possibility to reason about user interface properties. Model checking techniques provide a useful support to this end. This paper discusses the possibilities of verifying the properties of user interfaces and related problems, such as when the dialogue specification has an infinite number of states. ...