Heterogeneous Security Policy Validation: From Formal to Executable Specifications
|
| Title | Heterogeneous Security Policy Validation: From Formal to Executable Specifications |
| Authors | |
| Abstract | This paper develops a prototyping technique for information systems security policies. Starting from the algebraic specification of a security policy, we derive an executable specification that represents a prototype of the actual policy. Executing the specification allows determining sequences of actions that lead to security policy violations. We propose a composition framework to build compound algebraic specifications. We show that the mechanism we provide to translate algebraic specifications to executable specifications preserves the composition rules, which is of utmost importance from the engineering perspective. Through accurate examples, we show how executables specifications can be used in conjunction with formal specification in the frame of the security policy engineering process. |
| Publisher | ACADEMY PUBLISHER |
| Date | 2008-11-01 |
| Source | Journal of Networks Vol 3, No 8 (2008) |
| Rights | Copyright © ACADEMY PUBLISHER - All Rights Reserved.To request permission, please check out URL: http://www.academypublisher.com/copyrightpermission.html. |