Title :
Security specification and verification
Author_Institution :
Distributed Syst. Group, Tech. Univ. of Vienna, Austria
Abstract :
Formalizing security requirements has received significant attention since the 70s. However, a general method for specifying security requirements is still missing. In particular, little work has been presented on specifying and verifying that a given application is a secure resource consumer. The purpose of this work is to set up a methodology for (1) specifying security requirements of service providers and (2) proving that some application securely uses some resources. The developed theory will be evaluated and applied in two different areas: secure mobile code development and secure COTS-based software development.
Keywords :
formal specification; formal verification; security of data; secure COTS-based software development; secure mobile code development; security requirements; security specification; security verification; service providers; Application software; Computer security; Multilevel systems; Power engineering and energy; Power engineering computing; Power generation; Power system security; Programming; Software engineering; Testing;
Conference_Titel :
Automated Software Engineering, 2001. (ASE 2001). Proceedings. 16th Annual International Conference on
Print_ISBN :
0-7695-1426-X
DOI :
10.1109/ASE.2001.989847