Verifying Security Policies Using Host Attributes

Abstract : For the formal verification of a network security policy, it is crucial to express the verification goals. These formal goals, called security invariants, should be easy to express for the end user. Focusing on access control and information flow security strategies, this work discovers and proves universal insights about security invariants. This enables secure and convenient auto-completion of host attribute configurations. We demonstrate our results in a civil aviation scenario. All results are machine-verified with the Isabelle/HOL theorem prover.
Complete list of metadatas

Cited literature [19 references]  Display  Hide  Download

https://hal.inria.fr/hal-01398013
Contributor : Hal Ifip <>
Submitted on : Wednesday, November 16, 2016 - 3:36:13 PM
Last modification on : Thursday, February 7, 2019 - 5:48:38 PM
Long-term archiving on : Thursday, March 16, 2017 - 4:47:57 PM

File

978-3-662-43613-4_9_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Cornelius Diekmann, Stephan-A. Posselt, Heiko Niedermayer, Holger Kinkelin, Oliver Hanka, et al.. Verifying Security Policies Using Host Attributes. 34th Formal Techniques for Networked and Distributed Systems (FORTE), Jun 2014, Berlin, Germany. pp.133-148, ⟨10.1007/978-3-662-43613-4_9⟩. ⟨hal-01398013⟩

Share

Metrics

Record views

78

Files downloads

104