Title :
An Automated Validation Method for Security Policies: The Firewall Case
Author :
Abassi, Ryma ; Fatmi, S.
Author_Institution :
Univ. of November 7th at Carthage, Carthage
Abstract :
Research in computer security issues has recently addressed the development of security policy specification languages. It has however omitted the need of formal validation. In this paper we try to remedy to this drawback by the proposition of an automated tool for security policies. Because we have found several similarities between security policies and software engineering, our approach is strongly inspired from the reasoning followed in the software engineering. First, it brings out a model inspired by Promela to enable the validation task. Secondly, it proposes a 3-step validation process that deals with consistency, completeness and preservation of safety and liveness properties.
Keywords :
formal verification; security of data; specification languages; 3-step validation process; Promela; automated validation method; computer security issues; firewall case; formal validation; security policy specification languages; software engineering; Access control; Authorization; Computer errors; Computer security; Formal specifications; Information security; Postal services; Safety; Software engineering; Specification languages; completness; consistency; liveness; safety; security policy; validation;
Conference_Titel :
Information Assurance and Security, 2008. ISIAS '08. Fourth International Conference on
Conference_Location :
Naples
Print_ISBN :
978-0-7695-3324-7
DOI :
10.1109/IAS.2008.52
