Abstract | ||
---|---|---|
Research in computer security issues has recently addressed the development of Security Policy specification languages. It has however omitted the need of formal validation. In this paper we try to remedy to this drawback by the proposition of an automated tool for security policies. Because we have found several similarities between security policies and software engineering, our approach is strongly inspired from the reasoning followed in the software engineering. First, it brings out a model inspired by Promela to enable the validation task. Secondly, it proposes a 3-step validation process that deals with consistency, completeness and preservation of safety and liveness properties. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1109/IAS.2008.52 | IAS |
Keywords | Field | DocType |
3-step validation process,firewall case,formal validation,security policy specification language,validation task,automated validation method,security policies,security policy,computer security issue,liveness property,software engineering,automated tool,access control,specification language,consistency,formal verification,liveness,computer security,security | Security through obscurity,Software security assurance,Computer science,Computer security,Information security standards,Security engineering,Promela,Security policy,Computer security model,Formal verification | Conference |
Citations | PageRank | References |
4 | 0.46 | 7 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Ryma Abassi | 1 | 24 | 10.45 |
Sihem Guemara El Fatmi | 2 | 40 | 13.24 |