An Approach for the Specification, Verification and Synthesis of Secure Systems

Authors:
Fabio Martinelli;Ilaria Matteucci
Affiliations:
Istituto di Informatica e Telematica - C.N.R., Pisa, Italy;Istituto di Informatica e Telematica - C.N.R., Pisa, Italy and Dipartimento di Scienze Matematiche ed Informatiche, Università degli Studi di Siena
Venue:
Electronic Notes in Theoretical Computer Science (ENTCS)
Year:
2007

Citing 11
Cited 3

Communicating sequential processes

Communicating sequential processes
An automata theoretic decision procedure for the propositional mu-calculus

Information and Computation
Communicating and mobile systems: the &pgr;-calculus

Communicating and mobile systems: the &pgr;-calculus
Enforceable security policies

ACM Transactions on Information and System Security (TISSEC)
Analysis of security protocols as open systems

Theoretical Computer Science
Module Checking

CAV '96 Proceedings of the 8th International Conference on Computer Aided Verification
Partial Model Checking

LICS '95 Proceedings of the 10th Annual IEEE Symposium on Logic in Computer Science
A Hierarchy of Authentication Specifications

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Through Modeling to Synthesis of Security Automata

Electronic Notes in Theoretical Computer Science (ENTCS)
Automated Synthesis of Enforcing Mechanisms for Security Properties in a Timed Setting

Electronic Notes in Theoretical Computer Science (ENTCS)
Applying Generalized Non Deducibility on Compositions (GNDC) Approach in Dependability

Electronic Notes in Theoretical Computer Science (ENTCS)

Security policy compliance with violation management

Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Run-Time Enforcement of Nonsafety Policies

ACM Transactions on Information and System Security (TISSEC)
Idea: Action Refinement for Security Properties Enforcement

ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we describe an approach based on open system analysis for the specification, verification and synthesis of secure systems. In particular, by using our framework, we are able to model a system with a possible intruder and verify whether the whole system is secure, i.e. whether the system satisfies a given temporal logic formula that describes its secure behavior. If necessary, we are also able to automatically synthesize a process that, by controlling the behavior of the possible intruder, enforces the desired secure behavior of the whole system.