Secure states versus Secure executions: From access control to flow control - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2013

Secure states versus Secure executions: From access control to flow control

Résumé

Several points of view exist about security policies among which two main approaches can be distinguished: policies can be defined by some properties over states of a system or by some properties over exe- cutions of a system. While enforcing a policy specified by some properties over states is rather easy, designing enforcement mechanisms to ensure security properties over executions is more complex. However, enforcing a property over states is sometimes sufficient to ensure a property over executions. In this paper, we investigate these two approaches in order to provide a formal framework that permits to make the bridge between the definition of secure states and security properties over sequences of secure states corresponding to executions. Along the lines of this paper, we illustrate our definitions by considering access control policies defined as properties over states and flow properties over executions of a system.

Dates et versions

hal-01083384 , version 1 (17-11-2014)

Identifiants

Citer

Mathieu Jaume, Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong, Ludovic Mé. Secure states versus Secure executions: From access control to flow control. ICISS 2013 - 9th International Conference on Information Systems Security, Dec 2013, Calcutta, India. pp.148-162, ⟨10.1007/978-3-642-45204-8_11⟩. ⟨hal-01083384⟩
298 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More