Vulnerabilities detection in the configurations of MS windows operating system

Authors:
Peter D. Zegzhda;Dmitry P. Zegzhda;Maxim O. Kalinin
Affiliations:
Information Security Centre of Saint-Petersburg Polytechnical University, Saint-Petersburg, Russia;Information Security Centre of Saint-Petersburg Polytechnical University, Saint-Petersburg, Russia;Information Security Centre of Saint-Petersburg Polytechnical University, Saint-Petersburg, Russia
Venue:
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Year:
2005

Citing 3
Cited 0

Miro: Visual Specification of Security

IEEE Transactions on Software Engineering
Communicating sequential processes

Communications of the ACM
UMLsec: Extending UML for Secure Systems Development

UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper addresses to the technique of the vulnerabilities detection. The proposed methodology is applicable to verify property of the operating system configurations safety. Using our technique it becomes possible to discover security drawbacks in any secure system based on access control model of 'state machine' style. We discuss the Vulnerability Criteria Processing Unit, the automated detection tool, working in MS Windows and calculating the set of vulnerable settings. Through our case study of model checking in Sample Vulnerability Checking (SVC), we show how the proposed technique is applied to verify system security.