We give a formal specification and analysis of the security service of CORBA, the Common Object Request Broker Architecture specified by the Object Management Group (OMG). In doing so, we tackle the problem of how one can apply lightweight formal methods to improve the precision and aid the analysis of a substantial, committee-designed, informal specification. Our approach is scenario-driven: we use representative scenarios to determine which parts of the informal specification should be formalized, and we verify the resulting formal specification against these scenarios. For the formalization, we have specified a significant part of the security service's data model using the formal language Z. Through this process, we have been able to sharpen the OMG specification, uncovering a number of errors and omissions.
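The following is an added illustration, not part of the paper, of what "scenario-driven" checking of a Z-style data model looks like in practice: the state schema is animated as sets and relations, and each scenario is a concrete pre-state plus an operation whose outcome can be compared with what the informal text says should happen. The component names (RequiredRights, DomainAccessPolicy, the `corba` rights family with rights g, s, m, u, and the SecAllRights / SecAnyRight combinators) are taken from the OMG CORBA Security specification; the sample policy, the `Account` interface and its operations, and the fail-closed default for an operation with no RequiredRights entry are assumptions constructed for this example.

```python
"""Executable, set-based sketch of the CORBA Security access-decision model.

Added illustration in the style of animating a Z state schema: state
components are sets and relations (dicts of frozensets), operations are
predicates over them. The sample policy and scenarios are constructed
for this example only; the fail-closed default is an assumption.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum


class Combinator(Enum):
    ALL = "SecAllRights"   # every required right must be granted
    ANY = "SecAnyRight"    # at least one required right suffices


# A Right is (family, name); the standard family in the spec is "corba".
Right = tuple[str, str]
G, S, M, U = [("corba", r) for r in "gsmu"]


@dataclass(frozen=True)
class PrivilegeAttribute:
    kind: str    # e.g. "AccessId", "GroupId", "Role"
    value: str


@dataclass
class AccessPolicyState:
    # RequiredRights: (interface, operation) -> (rights, combinator)
    required: dict[tuple[str, str], tuple[frozenset[Right], Combinator]] = field(default_factory=dict)
    # DomainAccessPolicy: privilege attribute -> granted rights
    granted: dict[PrivilegeAttribute, frozenset[Right]] = field(default_factory=dict)


def effective_rights(state: AccessPolicyState, attrs: set[PrivilegeAttribute]) -> frozenset[Right]:
    """Union of the rights granted to each of the principal's privilege attributes."""
    rights: set[Right] = set()
    for a in attrs:
        rights |= state.granted.get(a, frozenset())
    return frozenset(rights)


def access_allowed(state: AccessPolicyState, attrs: set[PrivilegeAttribute],
                   interface: str, operation: str) -> tuple[bool, str]:
    """Access decision: (allowed, explanation).

    If (interface, operation) has no RequiredRights entry this model denies
    (fail closed). That default is an assumption made here; it is exactly the
    kind of under-specified case a scenario-driven review forces one to pin
    down against the informal text.
    """
    key = (interface, operation)
    if key not in state.required:
        return False, "no RequiredRights entry"
    needed, comb = state.required[key]
    have = effective_rights(state, attrs)
    ok = needed <= have if comb is Combinator.ALL else bool(needed & have)
    return ok, f"needed={sorted(needed)} comb={comb.value} have={sorted(have)}"


def build_sample_state() -> tuple[AccessPolicyState, PrivilegeAttribute, PrivilegeAttribute]:
    """Constructed sample policy: an Account interface and two roles."""
    st = AccessPolicyState()
    st.required[("Account", "balance")] = (frozenset({G}), Combinator.ALL)
    st.required[("Account", "transfer")] = (frozenset({S, U}), Combinator.ALL)
    st.required[("Account", "audit")] = (frozenset({G, M}), Combinator.ANY)
    teller = PrivilegeAttribute("Role", "teller")
    auditor = PrivilegeAttribute("Role", "auditor")
    st.granted[teller] = frozenset({G, U})
    st.granted[auditor] = frozenset({G})
    return st, teller, auditor


def run_scenarios() -> dict[str, bool]:
    """Representative scenarios evaluated against the model."""
    st, teller, auditor = build_sample_state()
    return {
        "teller balance": access_allowed(st, {teller}, "Account", "balance")[0],
        "teller transfer": access_allowed(st, {teller}, "Account", "transfer")[0],   # lacks s
        "auditor audit": access_allowed(st, {auditor}, "Account", "audit")[0],       # ANY: g suffices
        "teller+auditor transfer": access_allowed(st, {teller, auditor}, "Account", "transfer")[0],
        "teller close": access_allowed(st, {teller}, "Account", "close")[0],         # no entry
    }


if __name__ == "__main__":
    for name, allowed in run_scenarios().items():
        print(f"{name:26s} -> {'allow' if allowed else 'deny'}")
```

The last two scenarios are the informative ones: combining two principals' attributes does not conjure a right neither role holds, and an operation missing from RequiredRights has no behaviour fixed by the model at all until one is chosen, which is the sort of omission this style of checking surfaces.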