On a formal framework for security properties

Authors:
Sigrid Gürgens;Peter Ochsenschläger;Carsten Rudolph
Affiliations:
Fraunhofer Institute for Secure Information Technology SIT Rheinstrasse 75, D-64295 Darmstadt, Germany;Fraunhofer Institute for Secure Information Technology SIT Rheinstrasse 75, D-64295 Darmstadt, Germany;Fraunhofer Institute for Secure Information Technology SIT Rheinstrasse 75, D-64295 Darmstadt, Germany
Venue:
Computer Standards & Interfaces
Year:
2005

Citing 11
Cited 8

The Specification and Modeling of Computer Security

Computer
A logic of authentication

ACM Transactions on Computer Systems (TOCS)
A semantics for a logic of authentication (extended abstract)

PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Accountability in Electronic Commerce Protocols

IEEE Transactions on Software Engineering
Use of SBIDA cases for IS projects

Proceedings of the 2000 information resources management association international conference on Challenges of information technology management in the 21st century
Binding telecooperation---a formal model for electronic commerce

Computer Networks: The International Journal of Computer and Telecommunications Networking
Formal Semantics for Authentication Logics

ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Authenticity and Provability - A Formal Framework

InfraSec '02 Proceedings of the International Conference on Infrastructure Security
Possibilistic Definitions of Security - An Assembly Kit

CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Confidentiality-Preserving Refinement

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Security Properties and CSP

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy

Secure Web Service Workflow Execution

Electronic Notes in Theoretical Computer Science (ENTCS)
Formalization of smart metering requirements

Proceedings of the International Workshop on Security and Dependability for Resource Constrained Embedded Systems
Security rules versus security properties

ICISS'10 Proceedings of the 6th international conference on Information systems security
Enforcing S&D pattern design in RCES with modeling and formal approaches

Proceedings of the 14th international conference on Model driven engineering languages and systems
Abstractions preserving parameter confidentiality

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Trust areas: a security paradigm for the future internet

STM'11 Proceedings of the 7th international conference on Security and Trust Management
Analysis of the SYM2 smart meter remote software download using formal methods reasoning

Proceedings of the International Workshop on Security and Dependability for Resource Constrained Embedded Systemss
Model-Based security event management

MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security

Quantified Score

Hi-index	0.00

Visualization

Abstract

A new approach to property-based characterisation of security requirements is presented. The main goal is to provide a framework for the specification of a wide variety of security requirements with formal semantics in terms of security properties of a discrete model of a system. In contrast to previous approaches it is not focused on a special type of security property. The classical concept of ''properties'' comprising safety and liveness properties is extended to include security properties. Formalisations of authenticity, different types of non-repudiation and confidentiality are presented within the framework. Several examples illustrate the flexibility of this approach.