Институт системного программирования им. В.П. Иванникова РАН


Formal Verification of OS Security Model with Alloy and Event-B.

Авторы

Petr N. Devyanin, Alexey V. Khoroshilov, Victor V. Kuliamin, Alexander K. Petrenko, Ilya V. Shchepetkov.

Аннотация

The paper presents a work-in-progress on formal verification of operating system security model, which integrates control of confi- dentiality and integrity levels with role-based access control. The main goal is to formalize completely the security model and to prove its consistency and conformance to basic correctness requirements concerning keeping levels of integrity and confidentiality. Additional goal is to perform data flow analysis of the model to check whether it can preserve security in the face of certain attacks. Alloy and Event-B were used for formalization and verification of the model. Alloy was applied to provide quick constraint-based checking and uncover various issues concerning inconsistency or incompleteness of the model. Event-B was applied for full-scale deductive verification. Both tools worked well on first steps of model development, while after certain complexity was reached Alloy began to demonstrate some scalability issues.

Полный текст статьи в формате pdf (на английском)

Ключевые слова

formal verification, deductive verification, Alloy, Event-B, OS security model

Издание

Proceedings of the 4th International Conference, ABZ 2014, pages 309-314.

DOI: 10.1007/978-3-662-43652-3_30

ISBN: 978-3-662-43651-6

Научная группа

Технологии программирования

Все публикации за 2014 год Все публикации