Resource: Wissam Mallouli, Fayçal Bessayah, Ana R. Cavalli, and Azzedine Benameur. Security rules specification and analysis based on passive testing. In Proc. of the Global Communications Conference on Exhibition and Industry Forum Co-located with WTC (GLOBECOM'08), New Orleans, LA, USA, pages 2078–2083. IEEE, November-December 2008.
"A security policy is a set of rules that defines the desired behavior of users within an information system. Its main goal is to describe how data and other critical system resources are protected. If a security policy is written in a natural language specifying for example: ‘file F is only accessible from terminal T in the context C’, it will be very difficult to verify its correct implementation using an automatic testing approach because it is a completely informal specification. Consequently, if such verification is not performed, there is no guarantee that the security rules of the system are properly implemented".
"To guarantee that the system respects its security policy, we can rely on formal testing based methods. The main ones are (i) the active testing which validates a system implementation by applying a set of security test cases and analyzing its reaction and (ii) the monitoring (or passive testing) that consists in observing, during the execution, whether the system behavior is conform according to its functional and security formal specification".
"To perform this analysis, we rely on a dedicated formal language to describe the security requirements of the system. Then, we check using well adapted algorithms whether these security rules are verified on the collected traces to deduce the appropriate verdict about the system security conformance".
Resource: W. Mallouli, J.-M. Orset, A. R. Cavalli, N. Cuppens-Boulahia, and F. Cuppens. A formal approach for testing security rules. In V. Lotz and B. M. Thuraisingham, editors, SACMAT, pages 127–132. ACM, 2007.
"To ensure that a certain level of security is always maintained, the system behavior must be restrained by a security policy. A security policy is a set of rules that regulates the nature and the context of actions that can be performed within a system, according to specific roles. As an example, such policy can tackle the interactions between a network infrastructure and Internet or manage accounts and rights toward an operating system or a database. Generally, a security policy is written by the mean of a natural language specification, containing statements such as 'this file must be accessible only to authorized users' or 'all ports are closed except for 21 (ftp), 22 (ssh) and 80 (www)'".
"The main problem is that it is quite difficult to verify whether a system implementation conforms to its policy. However, if one can not ensure this conformance, the global security can not be guaranteed anymore. Most current work only concentrate to define meta-languages in order to express security policies and provide unambiguous rules. Once the security policy is formally specified, it is essential to prove that the target system implements this policy by (1) injecting this policy in the system considered or (2) specifying formally the target system and generating proofs that this system implements the security policy or (3) by considering several strategies of formal tests".
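To make the passive-testing idea from both excerpts concrete (rules checked offline against a collected execution trace to reach a verdict), here is an added example that is not code from either paper. The rule representation (a predicate over the event index and the whole trace), the event dictionaries, the login-before-access rule and the sample trace are all assumptions; the first two rules are the natural-language statements quoted above, written as predicates.

```python
# Rule representation assumed here (not the papers' formal language): a rule is a
# predicate over (event index, whole trace) so it can also look back at earlier events.

def file_f_rule(i: int, trace: list) -> bool:
    """'file F is only accessible from terminal T in the context C'."""
    e = trace[i]
    if e["kind"] != "file_access" or e["file"] != "F":
        return True  # rule does not apply to this event
    return e["terminal"] == "T" and e["context"] == "C"

def port_rule(i: int, trace: list) -> bool:
    """'all ports are closed except for 21 (ftp), 22 (ssh) and 80 (www)'."""
    e = trace[i]
    return e["kind"] != "port_open" or e["port"] in {21, 22, 80}

def login_before_access_rule(i: int, trace: list) -> bool:
    """Assumed ordering rule: a file access from a terminal is valid only if an
    earlier event in the trace shows a login from that terminal."""
    e = trace[i]
    if e["kind"] != "file_access":
        return True
    return any(p["kind"] == "login" and p["terminal"] == e["terminal"]
               for p in trace[:i])

RULES = {"file_F_from_T_in_C": file_f_rule,
         "only_21_22_80_open": port_rule,
         "login_before_access": login_before_access_rule}

def check_trace(trace: list, rules: dict = RULES):
    """Passive test: replay the collected trace against every rule and return
    (verdict, violations); verdict is 'pass' or 'fail', violations is a list of
    (rule name, event index) for every event that breaks a rule."""
    violations = [(name, i) for i in range(len(trace))
                  for name, rule in rules.items() if not rule(i, trace)]
    return ("fail" if violations else "pass"), violations

# Constructed sample trace (not a real capture), in observation order.
SAMPLE_TRACE = [
    {"kind": "login", "terminal": "T"},
    {"kind": "file_access", "file": "F", "terminal": "T", "context": "C"},  # ok
    {"kind": "port_open", "port": 22},                                       # ok
    {"kind": "file_access", "file": "F", "terminal": "X", "context": "C"},  # breaks 2 rules
    {"kind": "port_open", "port": 8080},                                     # breaks port rule
]

if __name__ == "__main__":
    print(check_trace(SAMPLE_TRACE))
```

Because the checker only observes a trace, it never stimulates the system, which is the distinction the first excerpt draws between passive testing and active testing.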