{"title":"针对应用程序特定使用控制的端到端正确性验证方法","authors":"P. Rajkumar, Saswati Ghosh, P. Dasgupta","doi":"10.1109/ICIINFS.2009.5429902","DOIUrl":null,"url":null,"abstract":"Usage control is a comprehensive access control model developed to cater the security needs of the wide range of application domains. Safety property of the usage control model ensures only the design level safety whereas the correctness of usage control in software application depends on the correctness of implementation as well. Most of the research in access control left the correctness of implementation as a general software verification problem. Software verification in general requires an extensive exploration of the complete state space, whereas access control of an application evolves over few repeated protection states. This paper presents a method to verify the correctness of usage control implementation by capturing and analyzing only the protection states. We use this method in the end to end correctness verification approach, which ensures the design as well as implementation correctness of usage control and we also provide an illustrative case study.","PeriodicalId":117199,"journal":{"name":"2009 International Conference on Industrial and Information Systems (ICIIS)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"An end to end correctness verification approach for application specific usage control\",\"authors\":\"P. Rajkumar, Saswati Ghosh, P. Dasgupta\",\"doi\":\"10.1109/ICIINFS.2009.5429902\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Usage control is a comprehensive access control model developed to cater the security needs of the wide range of application domains. Safety property of the usage control model ensures only the design level safety whereas the correctness of usage control in software application depends on the correctness of implementation as well. Most of the research in access control left the correctness of implementation as a general software verification problem. Software verification in general requires an extensive exploration of the complete state space, whereas access control of an application evolves over few repeated protection states. This paper presents a method to verify the correctness of usage control implementation by capturing and analyzing only the protection states. We use this method in the end to end correctness verification approach, which ensures the design as well as implementation correctness of usage control and we also provide an illustrative case study.\",\"PeriodicalId\":117199,\"journal\":{\"name\":\"2009 International Conference on Industrial and Information Systems (ICIIS)\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 International Conference on Industrial and Information Systems (ICIIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIINFS.2009.5429902\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 International Conference on Industrial and Information Systems (ICIIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIINFS.2009.5429902","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An end to end correctness verification approach for application specific usage control
Usage control is a comprehensive access control model developed to cater the security needs of the wide range of application domains. Safety property of the usage control model ensures only the design level safety whereas the correctness of usage control in software application depends on the correctness of implementation as well. Most of the research in access control left the correctness of implementation as a general software verification problem. Software verification in general requires an extensive exploration of the complete state space, whereas access control of an application evolves over few repeated protection states. This paper presents a method to verify the correctness of usage control implementation by capturing and analyzing only the protection states. We use this method in the end to end correctness verification approach, which ensures the design as well as implementation correctness of usage control and we also provide an illustrative case study.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
