Formalizing Physical Security Procedures
نویسندگان
چکیده
Although the problems of physical security emerged more than 10,000 years before the problems of computer security, no formal methods have been developed for them, and the solutions have been evolving slowly, mostly through social procedures. But as the traffic on physical and social networks is now increasingly expedited by computers, the problems of physical and social security are becoming technical problems. From various directions, many security researchers and practitioners have come to a realization that the areas such as transportation security, public and private space protection, or critical infrastructure defense, are in need of formalized engineering methodologies. Following this lead, we extended Protocol Derivation Logic (PDL) to Procedure Derivation Logic (still PDL). In contrast with a protocol, where some principals send and receive some messages, in a procedure they can also exchange and move some objects. For simplicity, in the present paper we actually focus on the security issues arising from traffic of objects, and leave the data flows, and the phenomena emerging from the interaction of data and objects, for future work. We illustrate our approach by applying it to a flawed airport security procedure described by Schneier.
منابع مشابه
Security Policy Management Process within Six Sigma Framework
This paper presents a management process for creating adaptive, real-time security policies within the Six Sigma 6σ framework. A key challenge for the creation of a management process is the integration with models of known Industrial processes. One of the most used industrial process models is Six Sigma which is a business management model wherein customer centric needs are put in perspective ...
متن کاملA Nonmonotonic Typed Multilevel Logic for Multilevel Secure Data / Knowledge Base Management Systems - I
The study of databases through formal logic has not only enabled efficient proof procedures to be developed for query evaluation and integrity checking, but it has also resulted in the development of more intelligent and powerful database management systems. Despite all these advances, a logic for reasoning in a multilevel environment or a logic programming system for multilevel environments do...
متن کاملA traceable optimistic fair exchange protocol in the standard model
An Optimistic Fair Exchange (OFE) protocol is a good way for two parties to exchange their digital items in a fair way such that at the end of the protocol execution, both of them receive their items or none of them receive anything. In an OFE protocol there is a semi-trusted third party, named arbitrator, which involves in the protocol if it is necessary. But there is a security problem when a...
متن کاملInformation security and the Internet
Users who downloaded this article also downloaded: Lam#for Kwok, Dennis Longley, (1999),"Information security management and modelling", Information Management & Computer Security, Vol. 7 Iss 1 pp. 30-40 Kevin J. Fitzgerald, (1995),"Information security baselines", Information Management & Computer Security, Vol. 3 Iss 2 pp. 8-12 Mariana Gerber, Rossouw von Solms, Paul Overbeek, (2001),...
متن کامل