Validation of Security Policies by the Animation of Z Specifications - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2011

Validation of Security Policies by the Animation of Z Specifications

Résumé

Designing a security policy for an information system is a non-trivial task. In this paper, we consider the design of a security policy based on a variant of the RBAC model, close to SecureUML. This variant includes constraints for the separation of duty, as well as contextual constraints. Contextual constraints use information about the state of the functional model of the application to grant permissions to users. These constraints add flexibility to the security policy, but make its validation more difficult. In this paper, we first review two tools, USE and SecureMOVA, which can be used to analyse and validate a security policy. These tools focus on analyses of static aspects of the secured system. We then propose a new tool, based on the Z formal language, which uses animation of the specification to validate the static as well as dynamic aspects of the security policy, taking into account possible evolutions of the state of the functional model. We discuss how the security policy and the functional application are described to the tool, and what kind of queries and animations can be performed to analyse nominal and malicious behaviours of the system.
Fichier non déposé

Dates et versions

hal-00860805 , version 1 (11-09-2013)

Identifiants

Citer

Yves Ledru, Muhammad Nafees Qamar, Akram Idani, Jean-Luc Richier, Mohamed-Amine Labiadh. Validation of Security Policies by the Animation of Z Specifications. SACMAT 2011 - Symposium on Access Control Models and Technologies, Jun 2011, Innsbruck, Austria. pp.155-164, ⟨10.1145/1998441.1998471⟩. ⟨hal-00860805⟩
137 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More