Formal Specification and Validation of Security Policies

Tony Bourdier 1 Horatiu Cirstea 1 Mathieu Jaume 2 Hélène Kirchner 1, 3
1 PAREO - Formal islands: foundations and applications
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
2 SPI - Sémantiques, preuves et implantation
LIP6 - Laboratoire d'Informatique de Paris 6
Abstract: We propose a formal framework for the specification and validation of security policies. To model a secured system, the evolution of security information in the system is described by transitions triggered by authorization requests and the policy is given by a set of rules describing the way the corresponding decisions are taken. Policy rules are constrained rewrite rules whose constraints are first-order formulas on finite domains, which provides enhanced expressive power compared to classical security policy specification approaches like the ones using Datalog, for example. Our specifications have an operational semantics based on transition and rewriting systems and are thus executable. This framework also provides a common formalism to define, compare and compose security systems and policies. We define transformations over secured systems in order to perform validation of classical security properties.
Document type: Conference paper
J. Garcia-Alfaro and P. Lafourcade. FPS - 4th Canada-France MITACS Workshop on Foundations and Practice of Security - 2011, May 2011, Paris, France. Springer, Heidelberg, 6888, pp.148-163, 2012, Lecture Notes in Computer Science. 〈10.1007/978-3-642-27901-0_12〉

Cited literature: 24 references

https://hal.inria.fr/inria-00507300
Contributor: Tony Bourdier
Submitted on: Tuesday 22 February 2011 - 09:01:02
Last modified on: Wednesday 21 March 2018 - 18:58:15
Document(s) archived on: Tuesday 6 November 2012 - 14:40:23

File

FormalSpecificationandValidati...
Files produced by the author(s)

Citation

Tony Bourdier, Horatiu Cirstea, Mathieu Jaume, Hélène Kirchner. Formal Specification and Validation of Security Policies. J. Garcia-Alfaro and P. Lafourcade. FPS - 4th Canada-France MITACS Workshop on Foundations and Practice of Security - 2011, May 2011, Paris, France. Springer, Heidelberg, 6888, pp.148-163, 2012, Lecture Notes in Computer Science. 〈10.1007/978-3-642-27901-0_12〉. 〈inria-00507300v2〉
