Formal specification and validation of security policies

Abstract

We propose a formal framework for the specification and validation of security policies. To model a secured system, the evolution of security information in the system is described by transitions triggered by authorization requests and the policy is given by a set of rules describing the way the corresponding decisions are taken. Policy rules are constrained rewrite rules whose constraints are first-order formulas on finite domains, which provides enhanced expressive power compared to classical security policy specification approaches like the ones using Datalog, for example. Our specifications have an operational semantics based on transition and rewriting systems and are thus executable. This framework also provides a common formalism to define, compare and compose security systems and policies. We define transformations over secured systems in order to perform validation of classical security properties. © 2012 Springer-Verlag.

Bourdier, T., Cirstea, H., Jaume, M., & Kirchner, H. (2012). Formal specification and validation of security policies. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6888 LNCS, pp. 148–163). https://doi.org/10.1007/978-3-642-27901-0_12
