MODEL CHECKING FOR VERIFICATION OF MANDATORY ACCESS CONTROL MODELS AND PROPERTIES
作者: VINCENT C. HU , D. RICHARD KUHN , TAO XIE , JEEHYUN HWANG
DOI: 10.1142/S021819401100513X
关键词:
摘要: Mandatory access control (MAC) mechanisms which users or processes have to resources in a system. MAC policies are increasingly specified facilitate managing and maintaining control. However, the correct specification of is very challenging problem. To formally precisely capture security properties that should adhere to, models usually written bridge rather wide gap abstraction between mechanisms. In this paper, we propose general approach for property verification models. The defines standardized structure models, providing both automated generation test cases. expresses language model checker generic language. Then uses verify integrity, coverage, confinement these finally generates cases via combinatorial covering array system implementations
sci-hub.se 参考文章(26)
Anneli Folkesson, Secure Computer Systems Uppsala University, Sweden. ,(2013)
Evan Martin, Tao Xie, Ting Yu, Defining and measuring policy coverage in testing access control policies international conference on information and communication security. ,vol. 4307, pp. 139- 158 ,(2006) , 10.1007/11935308_11
Vincent C. Hu, Deborah A. Frincke, David F. Ferraiolo, The Policy Machine for Security Policy Management international conference on computational science. ,vol. 2074, pp. 494- 506 ,(2001) , 10.1007/3-540-45718-6_54
Nan Zhang, Mark Ryan, Dimitar P. Guelev, Evaluating access control policies through model checking international conference on information security. ,vol. 3650, pp. 446- 460 ,(2005) , 10.1007/11556992_32
Vincent C. Hu, D. Richard Kuhn, Tao Xie, Property Verification for Generic Access Control Models embedded and ubiquitous computing. ,vol. 2, pp. 243- 250 ,(2008) , 10.1109/EUC.2008.22
Amir Pnueli, The temporal semantics of concurrent programs Theoretical Computer Science. ,vol. 13, pp. 45- 60 ,(1981) , 10.1016/0304-3975(81)90110-9
Evan Martin, Automated test generation for access control policies conference on object-oriented programming systems, languages, and applications. pp. 752- 753 ,(2006) , 10.1145/1176617.1176708
Trent Jaeger, Jonathon E. Tidswell, Practical safety in flexible access control models ACM Transactions on Information and System Security. ,vol. 4, pp. 158- 190 ,(2001) , 10.1145/501963.501966
Ravi Sandhu, Venkata Bhamidipati, Qamar Munawer, The ARBAC97 model for role-based administration of roles ACM Transactions on Information and System Security. ,vol. 2, pp. 105- 135 ,(1999) , 10.1145/300830.300839
Mordechai Ben-Ari, Amir Pnueli, Zohar Manna, The temporal logic of branching time Acta Informatica. ,vol. 20, pp. 207- 226 ,(1983) , 10.1007/BF01257083