Verification of Interoperability Security Policies by Model Checking

Mazen El Maarabani, A. Cavalli, Iksoon Hwang, Fatiha Zaïdi
{"title":"Verification of Interoperability Security Policies by Model Checking","authors":"Mazen El Maarabani, A. Cavalli, Iksoon Hwang, Fatiha Zaïdi","doi":"10.1109/HASE.2011.17","DOIUrl":null,"url":null,"abstract":"Access control policies are the key point for a secured interaction in business community. In general, an information system has to include an interoperability access control security policy to regulate the access from other systems to its resources. The security policy specifies a set of rules that defines the privileges of any subject accessing to the information system resources. In this paper we provide an approach to verify the correctness of contextual based interoperability access control security policies which are integrated in a system model. Security rules are initially described using the organization to organization model (O2O). We first propose an approach to transform O2O security rules to the well known Linear Temporal Logic (LTL). In order to instantiate the LTL formulae from a set of O2O security rules, we provided a mapping between the elements of the O2O security rule and the elements of the functional model in which the security rules are integrated. The resulted LTL formulae are used to verify the correctness of the security rules by model checking.","PeriodicalId":403140,"journal":{"name":"2011 IEEE 13th International Symposium on High-Assurance Systems Engineering","volume":"84 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE 13th International Symposium on High-Assurance Systems Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HASE.2011.17","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 7

Abstract

Access control policies are the key point for a secured interaction in business community. In general, an information system has to include an interoperability access control security policy to regulate the access from other systems to its resources. The security policy specifies a set of rules that defines the privileges of any subject accessing to the information system resources. In this paper we provide an approach to verify the correctness of contextual based interoperability access control security policies which are integrated in a system model. Security rules are initially described using the organization to organization model (O2O). We first propose an approach to transform O2O security rules to the well known Linear Temporal Logic (LTL). In order to instantiate the LTL formulae from a set of O2O security rules, we provided a mapping between the elements of the O2O security rule and the elements of the functional model in which the security rules are integrated. The resulted LTL formulae are used to verify the correctness of the security rules by model checking.
通过模型检查验证互操作性安全策略
访问控制策略是业务社区中安全交互的关键。通常,信息系统必须包含互操作性访问控制安全策略,以规范其他系统对其资源的访问。安全策略指定了一组规则,这些规则定义了访问信息系统资源的任何主体的特权。在本文中,我们提供了一种方法来验证集成在系统模型中的基于上下文的互操作性访问控制安全策略的正确性。安全规则最初是使用组织到组织模型(O2O)描述的。我们首先提出了一种将O2O安全规则转换为众所周知的线性时间逻辑(LTL)的方法。为了从一组O2O安全规则中实例化LTL公式,我们提供了O2O安全规则元素与集成安全规则的功能模型元素之间的映射。得到的LTL公式通过模型检查来验证安全规则的正确性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信