Specifying and Verifying Organizational Security Properties in First-Order Logic
Authors
Abstract
In certain critical cases the data flow between business departments in banking organizations has to respect security policies known as Chinese Wall or Bell–La Padula. We show that these policies can be represented by formal requirements and constraints in first-order logic. By additionally providing a formal model for the flow of data between business departments, we demonstrate how security policies can be applied to a concrete organizational setting and checked with a first-order theorem prover. Our approach can be applied without requiring deep formal expertise, and it therefore promises high usability in business practice.
Similar resources
Verifying the Absence Property Pattern
Temporal properties are very common in various classes of systems, including information systems and security policies. This paper investigates two verification methods, proof and model checking, for one of the most frequent patterns of temporal property, the absence pattern. We explore two model-based specification techniques, B and Alloy, because of their adequacy for easily specifying system...
A Brutus Logic for a Spi-calculus Dialect. ACM Computing Classification: D.2.4 Software/Program Verification; F.3.1 Specifying and Verifying and Reasoning about Programs
In the field of process algebras, the spi-calculus, a modified version of the π-calculus with encryption primitives, is indicated as an expressive specification language for cryptographic protocols. In the spi-calculus, basic security properties such as secrecy and integrity can be formalized as may-testing equivalences, which do not seem easily extendible to express other kinds of interesting properties...
Specifying and Verifying Communications Protocols using Mixed Intuitionistic Linear Logic
In this paper we present a technique for specifying and verifying communications protocols and demonstrate this approach by specifying and verifying two of the fundamental communications protocols, namely TCP and IP, which form the basis of many distributed systems. The logical formalism used is Mixed Intuitionistic Linear Logic in order to use both commutative and noncommutative operators to m...
Verification of Control Flow based Security Properties
A fundamental problem in software-based security is whether local security checks inserted into the code are sufficient to implement a global security property. We introduce a formalism based on a two-level linear-time temporal logic for specifying global security properties pertaining to the control flow of the program, and illustrate its expressive power with a number of existing properties. W...
Timed Modal Logics for Specifying and Verifying Real-Time Systems
The timed modal logic Lν has been proposed in order to express timed properties over real-time systems modeled as (compositions of) timed automata. In this paper, we present a short survey of results about Lν : complexity of model checking, expressivity, compositional methods, relationship with strong timed bisimulation etc. We also show how Lν can be extended in order to express new properties.
Publication date: 2010