1 / 6

VALIDATION OF INTEGRATED POLICY USING ALLOY

VALIDATION OF INTEGRATED POLICY USING ALLOY. Manachai Toahchoodee Manachai@lamar.colostate.edu. Motivation. Various security policies operating together in the same system Integration of policies might need to achieve the desired security requirements

galen
Download Presentation

VALIDATION OF INTEGRATED POLICY USING ALLOY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. VALIDATION OF INTEGRATED POLICY USING ALLOY Manachai Toahchoodee Manachai@lamar.colostate.edu

  2. Motivation • Various security policies operating together in the same system • Integration of policies might need to achieve the desired security requirements • Tool is required to model and validate the integrated policyBackground

  3. Our Approach • Transform integrated policy to the form of algebra [Bonatti, Vimercati, Samarati] • Model the transformed policy using Alloy • Validate policy using Alloy analyzer tool

  4. Benefits • Ensure the validity of integrated policy • Simplify the policy • Automatically validate • Make the policy comply with the requirement

  5. References (1) • François Siewe, Antonio Cau, Hussein Zedan, “A compositional framework for access control policies enforcement” • Piero Bonatti, Sabrina De Capitani di Vimercati, Pierangela Samarati, “An algebra for composing access control policies” • Piero Bonatti, Sabrina De Capitani di Vimercati, Pierangela Samarati, “A modular approach to composing access control policies”

  6. References (2) • Hilary H. Hosmer, “The multipolicy paradigm for trusted systems”

More Related