Verification of Interoperability Security Policies by Model Checking

2011 IEEE 13th International Symposium on High-Assurance Systems Engineering Pub Date : 2011-11-10 DOI:10.1109/HASE.2011.17

Mazen El Maarabani, A. Cavalli, Iksoon Hwang, Fatiha Zaïdi

{"title":"Verification of Interoperability Security Policies by Model Checking","authors":"Mazen El Maarabani, A. Cavalli, Iksoon Hwang, Fatiha Zaïdi","doi":"10.1109/HASE.2011.17","DOIUrl":null,"url":null,"abstract":"Access control policies are the key point for a secured interaction in business community. In general, an information system has to include an interoperability access control security policy to regulate the access from other systems to its resources. The security policy specifies a set of rules that defines the privileges of any subject accessing to the information system resources. In this paper we provide an approach to verify the correctness of contextual based interoperability access control security policies which are integrated in a system model. Security rules are initially described using the organization to organization model (O2O). We first propose an approach to transform O2O security rules to the well known Linear Temporal Logic (LTL). In order to instantiate the LTL formulae from a set of O2O security rules, we provided a mapping between the elements of the O2O security rule and the elements of the functional model in which the security rules are integrated. The resulted LTL formulae are used to verify the correctness of the security rules by model checking.","PeriodicalId":403140,"journal":{"name":"2011 IEEE 13th International Symposium on High-Assurance Systems Engineering","volume":"84 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE 13th International Symposium on High-Assurance Systems Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HASE.2011.17","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

Access control policies are the key point for a secured interaction in business community. In general, an information system has to include an interoperability access control security policy to regulate the access from other systems to its resources. The security policy specifies a set of rules that defines the privileges of any subject accessing to the information system resources. In this paper we provide an approach to verify the correctness of contextual based interoperability access control security policies which are integrated in a system model. Security rules are initially described using the organization to organization model (O2O). We first propose an approach to transform O2O security rules to the well known Linear Temporal Logic (LTL). In order to instantiate the LTL formulae from a set of O2O security rules, we provided a mapping between the elements of the O2O security rule and the elements of the functional model in which the security rules are integrated. The resulted LTL formulae are used to verify the correctness of the security rules by model checking.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

通过模型检查验证互操作性安全策略

访问控制策略是业务社区中安全交互的关键。通常，信息系统必须包含互操作性访问控制安全策略，以规范其他系统对其资源的访问。安全策略指定了一组规则，这些规则定义了访问信息系统资源的任何主体的特权。在本文中，我们提供了一种方法来验证集成在系统模型中的基于上下文的互操作性访问控制安全策略的正确性。安全规则最初是使用组织到组织模型(O2O)描述的。我们首先提出了一种将O2O安全规则转换为众所周知的线性时间逻辑(LTL)的方法。为了从一组O2O安全规则中实例化LTL公式，我们提供了O2O安全规则元素与集成安全规则的功能模型元素之间的映射。得到的LTL公式通过模型检查来验证安全规则的正确性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2011 IEEE 13th International Symposium on High-Assurance Systems Engineering

自引率

0.00%

发文量