Skip to Main content Skip to Navigation
Conference papers

A Formal Equivalence Classes Based Method for Security Policy Conformance Checking

Abstract : Different security policy models have been developed and published in the past. Proven security policy models, if correctly implemented, guarantee the protection of data objects from unauthorized access or usage or prevent an illegal information flow. To verify that a security policy model has been correctly implemented, it is important to define and execute an exhaustive list of test cases, which verify that the formal security policy neither has been over-constrained nor under-constrained. In this paper we present a method for defining an exhaustive list of test cases, based on formally described equivalence classes that are derived from the formal security policy description.
Complete list of metadata

Cited literature [15 references]  Display  Hide  Download

https://hal.inria.fr/hal-01542451
Contributor : Hal Ifip <>
Submitted on : Monday, June 19, 2017 - 5:01:30 PM
Last modification on : Thursday, March 5, 2020 - 4:47:35 PM
Long-term archiving on: : Friday, December 15, 2017 - 9:49:57 PM

File

978-3-642-32498-7_12_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Eckehard Hermann, Udo Litschauer, Jürgen Fuß. A Formal Equivalence Classes Based Method for Security Policy Conformance Checking. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security (CD-ARES), Aug 2012, Prague, Czech Republic. pp.146-160, ⟨10.1007/978-3-642-32498-7_12⟩. ⟨hal-01542451⟩

Share

Metrics

Record views

418

Files downloads

299