Model checking based security policy verification and validation

Abstract

Lots of security mechanisms have been applied in current information systems to assure the confidentiality and integrality for the information processed. These mechanisms are selected in accordance with the certain security policies which should satisfy the system requirements. It is necessary to validate the security whether it really and truly protect the system. In this paper, we first define and formalize the validity and reliability for validation and verification criteria for the security validating. Then, we propose a model checking based method to validate the consistency and completeness for security policies. In our method, the system's behaviors are modeled as the transfer structure and the property is described using LTL formula, and the model checker SPIN is applied to verify and validate the security policy. The model checking based validation also can be used to generate the validate sequences. In the end, we approve the method proposed is valid and reliable for information system security validation. ©2010 IEEE.