
A Security Policy Model Transformation and Verification Approach for Software Defined Networking [article]

Yunfei Meng and Zhiqiu Huang and Guohua Shen and Changbo Ke
2020 arXiv   pre-print
In order to verify that the SDN system model updated by the generated FTM models can hold the security properties defined in SPM models, we design a security policy verification system based on model checking.  ...  Based on these insights, we propose a security policy model transformation and verification approach for SDN in this paper.  ...  This paper has been sponsored and supported by the National Natural Science Foundation of China (Grant No. 61772270), and partially supported by the National Natural Science Foundation of China (Grant No. 61602262).  ... 
arXiv:2005.13206v2 fatcat:xyjioekxobexrdw277xkqlopzy

Security (Hyper-)properties in Workflow Systems: From Specification to Verification

Thomas Bauereiss, Dieter Hutter
2014 Engineering Secure Software and Systems  
We build upon existing verification techniques for a specific notion of information flow security, and intend to apply our results to concrete example systems such as a secure web-based conference management  ...  Our work aims at improving and integrating existing formal verification techniques into a framework for the specification and verification of typical security requirements of large-scale, distributed workflow  ...  We propose to use compositionality also for the integrated verification of information flow security and safety properties [3] .  ... 
dblp:conf/essos/BauereissH14 fatcat:e4gffbjx3jgoleuv4kljuxg3zm

Proof-Carrying Code Based Tool for Secure Information Flow of Assembly Programs

Muthana
2009 Journal of Computer Science  
A mobile program (in its assembly form) was analyzed for information flow security based on the concept of proof-carrying code.  ...  Results: A verification tool for verifying assembly programs for information flow security was built.  ...  A satisfaction of confidentiality means that a program has secure information flow. The information flow property is formalized based on the notion of non-interference.  ... 
doi:10.3844/jcssp.2009.163.171 fatcat:uyjcq4aohjcl5huj2rnnlj2aoi

Proof-Carrying Code Based Tool for Secure Information Flow of Assembly Programs

Mahmod
2009 Journal of Computer Science  
A mobile program (in its assembly form) was analyzed for information flow security based on the concept of proof-carrying code.  ...  Results: A verification tool for verifying assembly programs for information flow security was built.  ...  A satisfaction of confidentiality means that a program has secure information flow. The information flow property is formalized based on the notion of non-interference.  ... 
doi:10.3844/jcs.2009.163.171 fatcat:l4d3l24mrjb3vcmauzaxkhsbom

Secure information flow awareness for smart wireless eHealth systems

Stefan Pfeiffer, Sebastian Unger, Dirk Timmermann, Andreas Lehmann
2012 International Multi-Conference on Systems, Signals & Devices  
That is why there is a need for formally-based and tool supported verification methods of security properties.  ...  Due to the rapidly increasing complexity of these systems, finding information flow violations manually is nearly impossible.  ...  ACKNOWLEDGMENT This work was partially funded by the DFG (German research foundation) in the project WS4Dsec in the priority programme Reliably Secure Software Systems (SPP1496).  ... 
doi:10.1109/ssd.2012.6198123 dblp:conf/IEEEssd/PfeifferUTL12 fatcat:vpumrwzfyraupdyu7x7nrsyjmi

Static verification of security requirements in role based CSCW systems

Tanvir Ahmed, Anand R. Tripathi
2003 Proceedings of the eighth ACM symposium on Access control models and technologies - SACMAT '03  
We have developed several verification models to check security properties, such as task-flow constraints, information flow or confidentiality, and assignment of administrative privileges.  ...  The coordination and security constraints of CSCW systems are specified using a role based collaboration model.  ...  Like our work, other RBAC models, such as Task Based Access Control (TBAC) [25] , Team Based Access Control (TMAC) [24] , role based management [13] , and role based active security [1] address issues  ... 
doi:10.1145/775436.775438 fatcat:3s74lyql7bhgzpocforx2oixwq

Static verification of security requirements in role based CSCW systems

Tanvir Ahmed, Anand R. Tripathi
2003 Proceedings of the eighth ACM symposium on Access control models and technologies - SACMAT '03  
We have developed several verification models to check security properties, such as task-flow constraints, information flow or confidentiality, and assignment of administrative privileges.  ...  The coordination and security constraints of CSCW systems are specified using a role based collaboration model.  ...  Like our work, other RBAC models, such as Task Based Access Control (TBAC) [25] , Team Based Access Control (TMAC) [24] , role based management [13] , and role based active security [1] address issues  ... 
doi:10.1145/775412.775438 dblp:conf/sacmat/AhmedT03 fatcat:mbsf6wcpfjc6fb55z55re6x3wm

Formal Methods Research at SICS and KTH

Mads Dam, Lars-Åke Fredlund, Dilian Gurov
2003 Electronic Notes in Theoretical Computer Science  
using call-graph abstractions and compositional techniques; (iii) Formalisation and analysis of security properties, in the areas of information flow control, authorisation, and verification of security  ...  To deal with post-issuance loading, we adopt a compositional approach to verification, allowing global control-flow properties of the whole system to be reduced to local control-flow properties of the individual  ... 
doi:10.1016/s1571-0661(04)80824-7 fatcat:3rhsokuaw5haxa32nhwne63h7q

A survey on formal specification and verification of separation kernels [article]

Yongwang Zhao
2016 arXiv   pre-print
Separation kernels are fundamental software of safety and security-critical systems, which provide to their hosted applications spatial and temporal separation as well as controlled information flows among  ...  This paper presents an overview of formal specification and verification of separation kernels.  ...  MILS is a high-assurance security architecture based on the concepts of separation [1] and controlled information flow [3] .  ... 
arXiv:1508.07066v3 fatcat:o6rltzjp4vf4jeifjddfbtmuv4

Software Security in Virtualized Infrastructures — The Smart Meter Example

Bernhard Beckert, Dennis Hofheinz, Jörn Müller-Quade, Alexander Pretschner, Gregor Snelting
2011 it - Information Technology  
We show that approaches based on homomorphic encryption, proof-carrying code, information flow control, deductive verification, and runtime verification are promising candidates for providing solutions  ...  Challenges to software dependability, in particular software security will be enormous.  ...  We also plan to adapt the concept of ownership to the verification of information-flow properties.  ... 
doi:10.1524/itit.2011.0636 fatcat:ignnbvhmrjaznd6gobc3hoxhnq

AKER: A Design and Verification Framework for Safe and Secure SoC Access Control [article]

Francesco Restuccia, Andres Meza, Ryan Kastner
2021 arXiv   pre-print
To ensure the access control system is functioning correctly and securely, AKER provides a property-driven security verification using MITRE common weakness enumerations.  ...  AKER is a design and verification framework for SoC access control.  ...  This provides high assurance on the secure operation of AKER-based access control systems. The security verification is done at three levels: the IP level, the firmware level, and the system level.  ... 
arXiv:2106.13263v1 fatcat:ikwajwmyavgx7pxi64lhob5qfq

HardFails: Insights into Software-Exploitable Hardware Bugs

Ghada Dessouky, David Gens, Patrick Haney, Garrett Persyn, Arun K. Kanuparthi, Hareesh Khattri, Jason M. Fung, Ahmad-Reza Sadeghi, Jeyavijayan Rajendran
2019 USENIX Security Symposium  
Based on our testbed, we conduct two extensive case studies to analyze the effectiveness of state-of-the-art security verification approaches and identify specific classes of vulnerabilities, which we  ...  Although the semiconductor industry employs a combination of different verification techniques to ensure the security of System-on-Chip (SoC) designs, a growing number of increasingly sophisticated attacks  ...  We would also like to acknowledge the co-organizers of Hack@DAC: Dan Holcomb (UMass-Amherst), Siddharth Garg (NYU), and Sourav Sudhir (TAMU), and the sponsors of Hack@DAC: the National Science Foundation  ... 
dblp:conf/uss/DessoukyGHPKKFS19 fatcat:nffg6ywb2jgidday7dp5g6sn4y

When a Patch is Not Enough - HardFails: Software-Exploitable Hardware Bugs [article]

Ghada Dessouky, David Gens, Patrick Haney, Garrett Persyn, Arun Kanuparthi, Hareesh Khattri, Jason M. Fung, Ahmad-Reza Sadeghi, Jeyavijayan Rajendran
2018 arXiv   pre-print
inserted security bugs in SoC RTL designs, and an in-depth systematic evaluation of state-of-the-art verification approaches.  ...  We base our findings on two extensive case studies: the recent Hack@DAC 2018 hardware security competition, where 54 independent teams of researchers competed world-wide over a period of 12 weeks to catch  ...  Our results in this study are based on two formal techniques: Formal Property Verification (FPV) and Security Path Verification (SPV) [17] .  ... 
arXiv:1812.00197v1 fatcat:5glutvm4tzarza7dwh3kk75bhe

Framework for the Formal Specification and Verification of Security Guidelines

Zeineb Zhioua, Rabea Ameur-Boulifa, Yves Roudier
2018 Advances in Science, Technology and Engineering Systems  
We present our framework that is based on an extension of LTS (labelled transition Systems) by data dependence information to cover the end-to-end specification and verification of security guidelines.  ...  Ensuring the compliance of developed software with general and application-specific security requirements is a challenging task due to the lack of automatic and formal means to lead this verification.  ...  GraphMatch is more focused on control-flow security properties and mainly on the order and sequence of instructions, based on the mapping with security patterns.  ... 
doi:10.25046/aj030106 fatcat:p6hdgic4nzak5mfbyhyhchfudi

Proof-based Verification of Software Defined Networks

Chen Chen, Limin Jia, Wenchao Zhou, Boon Thau Loo
2014 Open Networking Summit  
However, due to the highly dynamic nature of SDN, verification of more complex security properties is still challenging.  ...  Below is an example property of our example program: Reactive flow installation: the controller adds a flow entry to a switch only after the controller receives a corresponding openflow packet from that  ... 
dblp:conf/ons/ChenJZL14 fatcat:q3d4zydc65fbnllpav75aq3i2y