Paper Info
Title
Specification and verification of security requirements in a programming model for decentralized CSCW systems
Abstract
We present, in this paper, a role-based model for programming distributed CSCW systems. This model supports specification of dynamic security and coordination requirements in such systems. We also present here a model-checking methodology for verifying the security properties of a design expressed in this model. The verification methodology presented here is used to ensure correctness and consistency of a design specification. It is also used to ensure that sensitive security requirements cannot be violated when policy enforcement functions are distributed among the participants. Several aspect-specific verification models are developed to check security properties, such as task-flow constraints, information flow, confidentiality, and assignment of administrative privileges.
Year
DOI
Venue
2007
10.1145/1237500.1237503
ACM Trans. Inf. Syst. Secur.
Keywords
DocType
Volume
finite state-based model checking,dynamic security,aspect-specific verification model,role-based model,methodology for access-control policy design,security property,administrative privilege,sensitive security requirement,role-based access control,security policy specification,CSCW system,decentralized CSCW system,design specification,verification methodology,programming model,model-checking methodology
Journal
10
Issue
ISSN
Citations 
2
1094-9224
9
PageRank 
References 
Authors
0.56
37
2
Name
Order
Citations
PageRank
Tanvir Ahmed125825.13
Anand Tripathi21151106.92