Accéder directement au contenu Accéder directement à la navigation
Communication dans un congrès

Model-checking for Secured Component Implementation.

Obeid Fadi Philippe Dhaussy 1
1 Lab-STICC_ENSTAB_ CACS_MOCS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : A security pattern is a reusable solution for a specific security issue. Based on an insecure model, and using a combination of security patterns, we can generate a model respecting some security requirements constituting a security policy. The resulting model needs to fulfill the security requirements without affecting the original functionalities and services. The security patterns need to be consistent with each others, as well as the model, they also need to cover the whole security spectrum resulting in completeness. We can use model checking techniques in order to insure the correct functionality, as well as the consistency and completeness of the generated model. In this paper, we describe our approach to combine an architectural model with security patterns to generate a secure model. This model is later verified using model checking techniques to validate the properties of the model itself as well as the used patterns. Finally, using an experimental use case, we demonstrate the possible spatial complexity of our approach.
Type de document :
Communication dans un congrès
Liste complète des métadonnées

https://hal-ensta-bretagne.archives-ouvertes.fr/hal-01864787
Contributeur : Marie Briec <>
Soumis le : jeudi 30 août 2018 - 14:38:38
Dernière modification le : mercredi 24 juin 2020 - 16:19:52

Identifiants

  • HAL Id : hal-01864787, version 1

Citation

Obeid Fadi, Philippe Dhaussy. Model-checking for Secured Component Implementation.. 17th International Conference on Security and Management (SAM’18), Jul 2018, Las Vegas, United States. ⟨hal-01864787⟩

Partager

Métriques

Consultations de la notice

57