Title :
Hybrid Multi-module Security Policy Verification
Author :
Kotenko, Igor ; Chervatuk, Olga ; Sidelnikova, Ekaterina ; Tishkov, Artem
Author_Institution :
St. Petersburg Inst. for Informatics & Autom., St. Petersburg
Abstract :
To build a powerful and flexible security policy verification tool, it is very important to use the approach which allows covering all possible inconsistencies, has open (extendable) architecture and efficient verification implementation. We suggest using a family of different verification modules each of which can work with acceptable computational complexity for the particular types of conflicts, the system scale and the policy complication. The poster describes a common approach to security policy verification and presents a novel hybrid multi-module security checker (SEC) software tool that can serve as a security policy debugger for various categories of security policy, including authentication, authorization, filtering, channel protection and operational rules.
Keywords :
authorisation; computational complexity; filtering theory; formal verification; message authentication; program debugging; software architecture; software tools; authentication; authorization; channel protection; computational complexity; extendable architecture; filtering; multimodule security policy verification; open architecture; operational rules; security policy debugger; software tool; Authentication; Authorization; Automation; Computational complexity; Computer architecture; Data security; Filtering; Informatics; Information security; Software tools;
Conference_Titel :
Policies for Distributed Systems and Networks, 2007. POLICY '07. Eighth IEEE International Workshop on
Conference_Location :
Bologna
Print_ISBN :
0-7695-2767-1
DOI :
10.1109/POLICY.2007.25
