Title :
Formal Specification and Verification of an Extended Security Policy Model for Database Systems
Author :
Hong, Zhu ; Yi, Zhu ; Chenyang, Li ; Jie, Shi ; Ge, Fu ; Yuanzhen, Wang
Author_Institution :
Database & Multimedia Technol. Res. Inst., Huazhong Univ. of Sci. & Technol., Wuhan
Abstract :
In order to develop highly secure database systems to meet the requirements for class B2, an extended formal security policy model based on the BLP model is presented in this paper. A method for verifying security model for database systems is proposed. According to this method, the development of a formal specification and verification to ensure the security of the extended model is introduced. During the process of the verification, a number of mistakes have been identified and corrections have been made. Both the specification and verification are developed in Coq proof assistant. Our formal security model was improved and has been verified secure. This work demonstrates that our verification method is effective and sufficient and illustrates the necessity for formal verification of the extended model by using tools.
Keywords :
database management systems; formal specification; formal verification; security of data; BLP model; Coq proof assistant; extended formal security policy model; formal specification; formal verification; secure database system; Data security; Database systems; File systems; Formal specifications; Formal verification; Information security; Management information systems; Multimedia databases; Multimedia systems; Tree graphs; BLP; Coq; integrity constraints; security model;
Conference_Titel :
Trusted Infrastructure Technologies Conference, 2008. APTC '08. Third Asia-Pacific
Conference_Location :
Hubei
Print_ISBN :
978-0-7695-3363-6
DOI :
10.1109/APTC.2008.22
