Title: | a language for secure requirement description based on information flow |
Author: | Cheng Liang
; Zhang Yang
; Feng Dengguo
|
Source: | Proceedings - 2010 IEEE International Conference on Intelligent Computing and Intelligent Systems, ICIS 2010
|
Conference Name: | 2010 IEEE International Conference on Intelligent Computing and Intelligent Systems, ICIS 2010
|
Conference Date: | 40845
|
Issued Date: | 2010
|
Conference Place: | Xiamen, China
|
Keyword: | Intelligent systems
; Mathematical models
; Model checking
; Security of data
; Translation (languages)
|
Publish Place: | United States
|
Indexed Type: | EI
|
ISBN: | 9781420000000
|
Department: | (1) State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China
|
Sponsorship: | IEEE Beijing Section; Xiamen University; Fujian Association for Artificial Intelligence (FAAI); Shanghai Jiaotong University; Iwate Prefectural University
|
English Abstract: | The verification of policy configuration is the key point during the security analysis of SELinux. Most of current verification methods focus on the construction of policy configurations mathematical model, rather than the difficulty of security requirements description for the verifiers. A new security requirement description language (SRDL) based on the theory of information flow is proposed, whose syntax is irrelevant with the verification tools logic systems. Without knowing the mathematical logic behind those verification tools, every requirement can be represented as one or more information flows with SRDL by the verifier. The complier of SRDL could translate these flows into verification tools input automatically. Such a SRDL complier is implemented for the analysis of SELinux. It can translate SRDLs flows into the input model of NuSMV, a wildly used model checker. ©2010 IEEE. |
Content Type: | 会议论文
|
URI: | http://ir.iscas.ac.cn/handle/311060/8602
|
Appears in Collections: | 信息安全国家重点实验室_会议论文
|
File Name/ File Size |
Content Type |
Version |
Access |
License |
|
05658325.pdf(435KB) | -- | -- | 限制开放 | -- | 联系获取全文 |
|
Recommended Citation: |
Cheng Liang,Zhang Yang,Feng Dengguo. a language for secure requirement description based on information flow[C]. 见:2010 IEEE International Conference on Intelligent Computing and Intelligent Systems, ICIS 2010. Xiamen, China. 40845.
|
|
|