A Separation Kernel Formal Security Policy
Abstract
Separation kernels mediate interaction between partitions in a secure system. System security policies can be developed about systems that use separation kernels that rely only on the appropriate separation kernel operation. We introduce a formal security policy for a separation kernel in ACL2, and argue for its usefulness by comparing it with other formalisms and by using it in a proof involving the correctness of a firewall application.
Similar references
A Separation Kernel Formal Security Policy in PVS
Greve, Wilding, and Vanfleet [GWV03] present an ACL2 formalization of a security policy for a separation kernel, and validate its utility by using it to support the verification of a simple application. This note reworks their development in PVS and uses the exercise to offer some comparisons between PVS and ACL2.
Remarks on the GWV Firewall
Greve, Wilding and Vanfleet (2003) have proposed a formal security policy for separation kernels, and used it to prove a security claim for a firewall implemented in a system satisfying this security policy. The paper revisits their example and formulates a more general version of the result, which simplifies its structure and clarifies its information-theoretic content.
Formal Specification and Verification of Separation Kernels: An Overview
Separation kernel, a fundamental software of safety and security critical systems, provides to its hosted software applications high-assurance partitioning and information flow control properties. The application of separation kernel in critical domain demands the correctness of the kernel by formal verification. To our knowledge, there does not exist a survey paper on this topic. This paper gi...
Refinement-based Specification and Security Analysis of Separation Kernels
Assurance of information-flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for improving safety, ARINC 653 has been complied with by mainstream separation kernels. Due to the new trend of integrating safe and secure functionalities into one separation kernel, security analysis of ARINC 653 as well as a formal specification wit...
Metadata of the chapter that will be visualized in SpringerLink
The separation kernel concept was developed as an architecture to simplify formal kernel security verification, and is the basis for many implementations of integrated modular avionics in the aerospace domain. This paper reports on a feasibility study conducted for the European Space Agency, to explore the resources required to formally verify the correctness of such a kernel, given a reference...
Publication date: 2003