Verifying Security Policies using Host Attributes
Cryptography and Security
2016-04-04 v1 Networking and Internet Architecture
Software Engineering
Abstract
For the formal verification of a network security policy, it is crucial to express the verification goals. These formal goals, called security invariants, should be easy to express for the end user. Focusing on access control and information flow security strategies, this work discovers and proves universal insights about security invariants. This enables secure and convenient auto-completion of host attribute configurations. We demonstrate our results in a civil aviation scenario. All results are machine-verified with the Isabelle/HOL theorem prover.
Cite
@article{arxiv.1604.00204,
title = {Verifying Security Policies using Host Attributes},
author = {Cornelius Diekmann and Stephan-A. Posselt and Heiko Niedermayer and Holger Kinkelin and Oliver Hanka and Georg Carle},
journal= {arXiv preprint arXiv:1604.00204},
year = {2016}
}
Comments
In FORTE - 34th IFIP International Conference on Formal Techniques for Distributed Objects, Components and Systems, Berlin, Germany, June 2014