Integrated Specification And Verification Of Security Protocols And Policies
2011 IEEE 24TH COMPUTER SECURITY FOUNDATIONS SYMPOSIUM (CSF)(2011)
摘要
We propose a language for formal specification of service-oriented architectures. The language supports the integrated specification of communication level events, policy level decisions, and the interaction between the two. We show that the reachability problem is decidable for a fragment of service-oriented architectures. The decidable fragment is well suited for specifying, and reasoning about, security-sensitive architectures. In the decidable fragment, the attacker controls the communication media. The policies of services are centered around the trust application and trust delegation rules, and can also express RBAC systems with role hierarchy. The fragment is of immediate practical relevance: We report on the specification and verification of two security-sensitive architectures, stemming from the e-government and e-health domains.
更多查看译文
关键词
decidable fragment,formal specification,communication media,trust application,security protocols,security-sensitive architecture,integrated specification,trust delegation rule,service-oriented architecture,communication level event,policy level decision,formal method,protocols,security protocol,authorisation,computer architecture,service oriented architectures,access control,government policies,formal verification,public key,authorization,formal methods,cryptographic protocols,e government,engines,service oriented architecture,decidability
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要