[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/986655.986665acmconferencesArticle/Chapter ViewAbstractPublication PagesnspwConference Proceedingsconference-collections
Article

Security check: a formal yet practical framework for secure software architecture

Published: 13 August 2003 Publication History

Abstract

With security becoming an important concern for both users as well as designers of large-scale software systems, it is necessary to introduce security considerations very early in the system development life-cycle namely in the modeling phase itself. But the main problem in the widespread adoption of security modeling has been that representations of even moderate-size systems consume so much memory (due to the infamous state space explosion problem) that designers are loathe to spend time increasing the complexity of their models by introducing security aspects in the design phase itself. In this paper we propose a technique called security check which entails taking small units of a system, putting them in a "security harness" that exercises relevant executions appropriately within the unit, and then model checking these more tractable units. For most systems whose security requirements are localized to individual system components or interactions between small numbers of components, security check offers a means of coping with state explosion. Another major benefit of security check is that it enables us to detect system vulnerabilities even when the attack behavior is not known. And for known attack patterns security check can provide models of suspicious behavior which can then be used for intrusion detection at a later stage.

References

[1]
B. Alpern and F. Schneider. Recognizing safety and liveness. Distributed Computing, 2(3): 117--126, 1987.]]
[2]
Thomas Ball and Sriram K. Rajamani. Bebop: A symbolic model checker for boolean programs. SPIN 2000 Workshop on Model Checking of Software, 2000.]]
[3]
E. M. Clarke, O. Grumberg, and D. A. Peled. Model Checking. MIT Press, Cambridge, Massachusetts, 2000.]]
[4]
R. Cleaveland, E. Madelaine, and S. Sims. A front-end generator for verification tools, pages 153--173.]]
[5]
R. Cleaveland, J. Parrow, and B. Steffen. The Concurrency Workbench: A semantics-based tool for the verification of finite-state systems. ACM Transactions on Programming Languages and Systems, 15(1):36--72, January 1993.]]
[6]
R. Cleaveland and S. Sims. The NCSU Concurrency Workbench. pages 394--397.]]
[7]
D. Harel. Statecharts:a visual formalism for complex systems. Science of Computer Programming,8, pages 231--274, 1987.]]
[8]
Dawson Engler, Benjamin Chelf, Andy Chou, and Seth Hallem. Checking system rules using system-specific, programmer-written compiler extensions. Operating Systems Design and Implementation, 2002.]]
[9]
David Evans, John Guttag, Jim Horning, and Yang Meng Tan. Lclint: A tool for using specifications to check code. SIGSOFT Symposium on the Foundations of Software Engineering, December 1994.]]
[10]
J.-C. Fernandez. An implementation of an efficient algorithm for bisimulation equivalence. Science of Computer Programming, 13:219--236, 1989/1990.]]
[11]
R. Focardi and R. Gorrieri. The compositional security checker:a tool for the verification of information flow security policies. IEEE Transactions on Software Engineering 23(9):550--571, September 1997.]]
[12]
Thomas A. Henzinger, Ranjit Jhala, Rupak Majumdar, and Gregoire Sutre. Lazy abstraction. ACM Principles Of Programming Languages, 2002.]]
[13]
P. Kanellakis and S. A. Smolka. CCS expressions, finite state processes, and three problems of equivalence. Information and Computation, 86(1):43--68, May 1990.]]
[14]
D. Kozen. Results on the propositional μ-calculus. Theoretical Computer Science, 27(3):333--354, December 1983.]]
[15]
Z. Manna and A. Pnueli. The Temporal Logic of Reactive and Concurrent Systems. Springer-Verlag, Berlin, 1992.]]
[16]
Faron Moller and Chris Tofts. A temporal calculus of communicating systems. Proceedings of CONCUR'90, 1990.]]
[17]
R. Paige and R. E. Tarjan. Three partition refinement algorithms. SIAM Journal of Computing, 16(6):973--989, December 1987.]]
[18]
G. D. Plotkin. A structural approach to operational semantics. Technical Report DAIMI-FN-19, Computer Science Department, Aarhus University, Aarhus, Denmark, 1981.]]
[19]
A. Pnueli. The temporal logic of programs. In 18th Annual Symposium on Foundations of Computer Science, pages 46--57, Providence, Rhode Island, October/November 1977. IEEE.]]
[20]
Arnab Ray and Rance Cleavel and. Unit verification: The cara experiences. To be published in Software Tools For Technology Transfer.]]
[21]
R. Cleaveland and S. Sims. Generic tools for verifying concurrent systems. Science of Computer Programming, 41(1):39--47, 2002.]]
[22]
R. Milner. A calculus of communicating systems. Lecture Notes in Computer Science, 1980.]]
[23]
Fred Schneider. A language-based approach to security. informatics: 10 years back, 10 years ahead. Lecture Notes in Computer Science, Volume 2000 (Reihnard Wilhelm, ed.), Springer-Verlag, 2000.]]
[24]
Fred Schneider. Enforcable security policies. ACM Transactions on Information and System Security, January 2000.]]
[25]
R. Sekar and P. Uppuluri. Synthesizing fast intrusion detection/prevention systems from high-level specifications. USENIX Security Symposium, 1999.]]
[26]
F. Simon. Aggregation and separation as non-interference properties. The Journal Of Computer Security, 1(2):159--188, 1992., 1992.]]

Cited By

View all
  • (2018)Specification, verification, and quantification of security in model-based systemsComputing10.1007/s00607-015-0445-x97:7(691-711)Online publication date: 31-Dec-2018
  • (2009)Risk-Driven Architectural Decomposition2009 International Conference on Availability, Reliability and Security10.1109/ARES.2009.32(363-368)Online publication date: Mar-2009

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences
NSPW '03: Proceedings of the 2003 workshop on New security paradigms
August 2003
127 pages
ISBN:1581138806
DOI:10.1145/986655
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 August 2003

Permissions

Request permissions for this article.

Check for updates

Qualifiers

  • Article

Conference

NSPW03
Sponsor:
NSPW03: New Security Paradigms and Workshop
August 18 - 21, 2003
Ascona, Switzerland

Acceptance Rates

Overall Acceptance Rate 98 of 265 submissions, 37%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)2
  • Downloads (Last 6 weeks)0
Reflects downloads up to 10 Dec 2024

Other Metrics

Citations

Cited By

View all
  • (2018)Specification, verification, and quantification of security in model-based systemsComputing10.1007/s00607-015-0445-x97:7(691-711)Online publication date: 31-Dec-2018
  • (2009)Risk-Driven Architectural Decomposition2009 International Conference on Availability, Reliability and Security10.1109/ARES.2009.32(363-368)Online publication date: Mar-2009

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media