An Introduction to Formal Specification and Z
High-Integrity System Specification and Design
Interactive Theorem Proving and Program Development
Patterning Protection Profiles by UML for Security Specifications
CIMCA '05 Proceedings of the International Conference on Computational Intelligence for Modelling, Control and Automation and International Conference on Intelligent Agents, Web Technologies and Internet Commerce Vol-2 (CIMCA-IAWTIC'06) - Volume 02
A web user interface of the security requirement management database based on ISO/IEC 15408
ICCS'06 Proceedings of the 6th international conference on Computational Science - Volume Part IV
A security requirement management database based on ISO/IEC 15408
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
A Security Specification Library with a Schemaless Database
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part III: ICCS 2007
Classification, formalization and verification of security functional requirements
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
Idea: simulation based security requirement verification for transaction level models
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Validation of security-design models using Z
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Automatized high-level evaluation of security properties for RTL hardware designs
Proceedings of the Workshop on Embedded Systems Security
This paper proposes a formalization and verification technique for security specifications based on the Common Criteria. In general, it is difficult to define reliable security properties against which an information system should be validated. We therefore apply the security functional requirements defined in the ISO/IEC 15408 Common Criteria to the formal verification of security specifications. We formalized the security criteria of ISO/IEC 15408 in Z notation and developed a process for verifying security specifications against them. We also demonstrate several verification instances using the theorem prover Z/EVES. With this verification process, one can rigorously check whether a specification satisfies the security criteria defined in ISO/IEC 15408.