Skip to Main content Skip to Navigation
Conference papers

Logic-based Methodology to Help Security Architects in Eliciting High-Level Network Security Requirements

Abstract : In this paper, we propose a security methodology that automates the process of security zone specification and high-level network security requirements elicitation. We define a set of formalized rules derived from the principles of complete mediation, least privileges and the Clark-Wilson lite formal model making our approach traceable and verifiable. We implemented the methodology in Answer Set Programming to automatically compute an optimal network security zone model considering the cost of the security solution. A use case study of an e-commerce enterprise network infrastructure illustrates our methodology.
Complete list of metadatas

Cited literature [37 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-02456750
Contributor : Open Archive Toulouse Archive Ouverte (oatao) <>
Submitted on : Monday, January 27, 2020 - 3:32:18 PM
Last modification on : Saturday, June 20, 2020 - 3:38:19 AM

File

laborde_24856.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-02456750, version 1
  • OATAO : 24856

Citation

Romain Laborde, Sravani Teja Bulusu, Ahmad Samer Wazan, François Barrère, Abdelmalek Benzekri. Logic-based Methodology to Help Security Architects in Eliciting High-Level Network Security Requirements. 34th ACM/SIGAPP Symposium on Applied Computing (SAC 2019), Apr 2019, Limassol, Cyprus. pp.1610-1619. ⟨hal-02456750⟩

Share

Metrics

Record views

55

Files downloads

126