Title :
A four-concern-oriented secure is development approach
Author :
Jiague, Michel Embe ; Frappier, Marc ; Gervais, Frederic ; Konopacki, Pierre ; Laleau, Regine ; Milhau, Jeremy ; St-Denis, Richard
Author_Institution :
GRIL, Département d´informatique, Université de Sherbrooke, 2500 boulevard de l´Université, J1K 2R1, Québec, Canada
Abstract :
In this paper, we advocate a strong separation of four aspects of information systems: data, dynamic behavior, security data and access control behavior. We describe how to model each of these aspects using formal methods. An abstract specification of each part of an information system is defined. The presented approach can be used when building a system from scratch but can also be applied to implement a security controller for an existing system. In parallel with models, properties of the system are written. These properties are checked against the system´s models to ensure they hold using model checking techniques.
Keywords :
Access control; Algebra; Libraries; Medical services; Pressing; Programming; ASTD; Access control; Formal method; Information system; Model checking; Process algebra; Security policy;
Conference_Titel :
Security and Cryptography (SECRYPT), 2011 Proceedings of the International Conference on
Conference_Location :
Seville, Spain
