Information system security function validating using model checking

Author

Ma, Jianli ; Xu, Guoai ; Yang, Yixian ; Ji, Yong

Author_Institution

State Key Lab. of Networking & Switching Technol., Beijing Univ. of Posts & Telecommun., Beijing, China

Volume

1

fYear

2010

fDate

16-18 April 2010

Abstract

Information systems will be encountered more and more security threats due to the development of computer attack method and technology. Generally, different security policies are used to protect the sensitive information in these systems. There has been a lot of study on security policy conformance and completeness verification and validation. However, there have few researches to validate whether the system behaviors satisfy the security policies. A model checking based information system security function validation method is proposed to validate the conformance between the system security solutions and the security policies in this paper. The system behaviors and the security policies are modeled separately, and the consistency between them is validated using the model checker SPIN.

Keywords

formal verification; security of data; completeness verification; computer attack method; model checker SPIN; model checking based information system security function validation method; security policy conformance; security threats; Computer networks; Computer security; Information security; Information systems; Laboratories; Logic; Management information systems; Protection; Systems engineering and theory; Telecommunication computing; conformance; model checking; security policy; validation;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Engineering and Technology (ICCET), 2010 2nd International Conference on

Conference_Location

Chengdu

Print_ISBN

978-1-4244-6347-3

Type

conf

DOI

10.1109/ICCET.2010.5486002

Filename

5486002