Paper Info
Title
An Automated Validation Method for Security Policies: The Firewall Case
Abstract
Research in computer security issues has recently addressed the development of Security Policy specification languages. It has however omitted the need of formal validation. In this paper we try to remedy to this drawback by the proposition of an automated tool for security policies. Because we have found several similarities between security policies and software engineering, our approach is strongly inspired from the reasoning followed in the software engineering. First, it brings out a model inspired by Promela to enable the validation task. Secondly, it proposes a 3-step validation process that deals with consistency, completeness and preservation of safety and liveness properties.
Year
DOI
Venue
2008
10.1109/IAS.2008.52
IAS
Keywords
Field
DocType
3-step validation process,firewall case,formal validation,security policy specification language,validation task,automated validation method,security policies,security policy,computer security issue,liveness property,software engineering,automated tool,access control,specification language,consistency,formal verification,liveness,computer security,security
Security through obscurity,Software security assurance,Computer science,Computer security,Information security standards,Security engineering,Promela,Security policy,Computer security model,Formal verification
Conference
Citations 
PageRank 
References 
4
0.46
7
Authors
2
Name
Order
Citations
PageRank
Ryma Abassi12410.45
Sihem Guemara El Fatmi24013.24