{"title":"授权策略的建模和冲突检查定理证明","authors":"Devrim Unal, M. Çaglayan","doi":"10.1109/ISCN.2006.1662524","DOIUrl":null,"url":null,"abstract":"For large information systems with many entities, defining and verifying information security policies manually is error-prone and cumbersome. An automated analysis is necessary to ensure that the policies are conflict-free when defined at first and as new authorization terms are added and removed. Graph theory and logic based approaches have been previously used for formal definition and conflict checking of policies. Theorem proving has been used in cryptographic protocol and secure system verification. In this case study the use of theorem proving for definition and verification of security policies is investigated using the Coq theorem proving tool","PeriodicalId":304528,"journal":{"name":"2006 International Symposium on Computer Networks","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"Theorem proving for modeling and conflict checking of authorization policies\",\"authors\":\"Devrim Unal, M. Çaglayan\",\"doi\":\"10.1109/ISCN.2006.1662524\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"For large information systems with many entities, defining and verifying information security policies manually is error-prone and cumbersome. An automated analysis is necessary to ensure that the policies are conflict-free when defined at first and as new authorization terms are added and removed. Graph theory and logic based approaches have been previously used for formal definition and conflict checking of policies. Theorem proving has been used in cryptographic protocol and secure system verification. In this case study the use of theorem proving for definition and verification of security policies is investigated using the Coq theorem proving tool\",\"PeriodicalId\":304528,\"journal\":{\"name\":\"2006 International Symposium on Computer Networks\",\"volume\":\"7 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-07-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 International Symposium on Computer Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCN.2006.1662524\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 International Symposium on Computer Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCN.2006.1662524","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Theorem proving for modeling and conflict checking of authorization policies
For large information systems with many entities, defining and verifying information security policies manually is error-prone and cumbersome. An automated analysis is necessary to ensure that the policies are conflict-free when defined at first and as new authorization terms are added and removed. Graph theory and logic based approaches have been previously used for formal definition and conflict checking of policies. Theorem proving has been used in cryptographic protocol and secure system verification. In this case study the use of theorem proving for definition and verification of security policies is investigated using the Coq theorem proving tool
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
