Formal Development of a Secure Access Control Filter

Amel Mammar; Thi Mai Nguyen; Régine Laleau

doi:10.1109/HASE.2016.10

Formal Development of a Secure Access Control Filter

Amel Mammar, Thi Mai Nguyen, Régine Laleau

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

With the advent of the internet, most organizations offer more and more access to their information systems in order to increase their benefits. However, such an opening may cause security issues if sufficient precautions are not taken. An adequate solution to secure access to information systems consists in (1) defining the sufficient security policies and (2) ensuring their correct deployment on a given technological infrastructure. The present paper deals with the first point by introducing a formal approach that permits to develop a secure filter for an information system that respects different kinds of security rules: functional, static and dynamic rules. The proposed approach uses the SecureUML language to express the static rules and adapts the UML activity diagrams for dynamic ones while the structure of the manipulated data and the functionalities are expressed using a UML class diagram. Starting from these graphical notations, the approach consists in mapping them into a B formal specification to ensure their consistency and validate the system. Finally, a proved filter, which permits to take into account different security rules, is formally derived using the B refinement technique.

Original language	English
Title of host publication	Proceedings - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016
Editors	Radu Babiceanu, Helene Waeselynck, Jie Xu, Raymond A. Paul, Bojan Cukic
Publisher	IEEE Computer Society
Pages	173-180
Number of pages	8
ISBN (Electronic)	9781467399128
DOIs	https://doi.org/10.1109/HASE.2016.10
Publication status	Published - 1 Mar 2016
Externally published	Yes
Event	17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016 - Orlando, United States Duration: 7 Jan 2016 → 9 Jan 2016

Publication series

Name	Proceedings of IEEE International Symposium on High Assurance Systems Engineering
Volume	2016-March
ISSN (Print)	1530-2059

Conference

Conference	17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016
Country/Territory	United States
City	Orlando
Period	7/01/16 → 9/01/16

Keywords

Formal Method
Information Systems
Secure Filter
Verification

Access to Document

10.1109/HASE.2016.10

Cite this

Mammar, A., Nguyen, T. M., & Laleau, R. (2016). Formal Development of a Secure Access Control Filter. In R. Babiceanu, H. Waeselynck, J. Xu, R. A. Paul, & B. Cukic (Eds.), Proceedings - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016 (pp. 173-180). Article 7423149 (Proceedings of IEEE International Symposium on High Assurance Systems Engineering; Vol. 2016-March). IEEE Computer Society. https://doi.org/10.1109/HASE.2016.10

Mammar, Amel ; Nguyen, Thi Mai ; Laleau, Régine. / Formal Development of a Secure Access Control Filter. Proceedings - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016. editor / Radu Babiceanu ; Helene Waeselynck ; Jie Xu ; Raymond A. Paul ; Bojan Cukic. IEEE Computer Society, 2016. pp. 173-180 (Proceedings of IEEE International Symposium on High Assurance Systems Engineering).

@inproceedings{e2fab09dd5d945cfa6f6c41f6c1296dc,

title = "Formal Development of a Secure Access Control Filter",

abstract = "With the advent of the internet, most organizations offer more and more access to their information systems in order to increase their benefits. However, such an opening may cause security issues if sufficient precautions are not taken. An adequate solution to secure access to information systems consists in (1) defining the sufficient security policies and (2) ensuring their correct deployment on a given technological infrastructure. The present paper deals with the first point by introducing a formal approach that permits to develop a secure filter for an information system that respects different kinds of security rules: functional, static and dynamic rules. The proposed approach uses the SecureUML language to express the static rules and adapts the UML activity diagrams for dynamic ones while the structure of the manipulated data and the functionalities are expressed using a UML class diagram. Starting from these graphical notations, the approach consists in mapping them into a B formal specification to ensure their consistency and validate the system. Finally, a proved filter, which permits to take into account different security rules, is formally derived using the B refinement technique.",

keywords = "Formal Method, Information Systems, Secure Filter, Verification",

author = "Amel Mammar and Nguyen, \{Thi Mai\} and R{\'e}gine Laleau",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016 ; Conference date: 07-01-2016 Through 09-01-2016",

year = "2016",

month = mar,

day = "1",

doi = "10.1109/HASE.2016.10",

language = "English",

series = "Proceedings of IEEE International Symposium on High Assurance Systems Engineering",

publisher = "IEEE Computer Society",

pages = "173--180",

editor = "Radu Babiceanu and Helene Waeselynck and Jie Xu and Paul, \{Raymond A.\} and Bojan Cukic",

booktitle = "Proceedings - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016",

}

Mammar, A, Nguyen, TM & Laleau, R 2016, Formal Development of a Secure Access Control Filter. in R Babiceanu, H Waeselynck, J Xu, RA Paul & B Cukic (eds), Proceedings - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016., 7423149, Proceedings of IEEE International Symposium on High Assurance Systems Engineering, vol. 2016-March, IEEE Computer Society, pp. 173-180, 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016, Orlando, United States, 7/01/16. https://doi.org/10.1109/HASE.2016.10

Formal Development of a Secure Access Control Filter. / Mammar, Amel; Nguyen, Thi Mai; Laleau, Régine.
Proceedings - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016. ed. / Radu Babiceanu; Helene Waeselynck; Jie Xu; Raymond A. Paul; Bojan Cukic. IEEE Computer Society, 2016. p. 173-180 7423149 (Proceedings of IEEE International Symposium on High Assurance Systems Engineering; Vol. 2016-March).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Formal Development of a Secure Access Control Filter

AU - Mammar, Amel

AU - Nguyen, Thi Mai

AU - Laleau, Régine

PY - 2016/3/1

Y1 - 2016/3/1

N2 - With the advent of the internet, most organizations offer more and more access to their information systems in order to increase their benefits. However, such an opening may cause security issues if sufficient precautions are not taken. An adequate solution to secure access to information systems consists in (1) defining the sufficient security policies and (2) ensuring their correct deployment on a given technological infrastructure. The present paper deals with the first point by introducing a formal approach that permits to develop a secure filter for an information system that respects different kinds of security rules: functional, static and dynamic rules. The proposed approach uses the SecureUML language to express the static rules and adapts the UML activity diagrams for dynamic ones while the structure of the manipulated data and the functionalities are expressed using a UML class diagram. Starting from these graphical notations, the approach consists in mapping them into a B formal specification to ensure their consistency and validate the system. Finally, a proved filter, which permits to take into account different security rules, is formally derived using the B refinement technique.

AB - With the advent of the internet, most organizations offer more and more access to their information systems in order to increase their benefits. However, such an opening may cause security issues if sufficient precautions are not taken. An adequate solution to secure access to information systems consists in (1) defining the sufficient security policies and (2) ensuring their correct deployment on a given technological infrastructure. The present paper deals with the first point by introducing a formal approach that permits to develop a secure filter for an information system that respects different kinds of security rules: functional, static and dynamic rules. The proposed approach uses the SecureUML language to express the static rules and adapts the UML activity diagrams for dynamic ones while the structure of the manipulated data and the functionalities are expressed using a UML class diagram. Starting from these graphical notations, the approach consists in mapping them into a B formal specification to ensure their consistency and validate the system. Finally, a proved filter, which permits to take into account different security rules, is formally derived using the B refinement technique.

KW - Formal Method

KW - Information Systems

KW - Secure Filter

KW - Verification

U2 - 10.1109/HASE.2016.10

DO - 10.1109/HASE.2016.10

M3 - Conference contribution

AN - SCOPUS:84962920136

T3 - Proceedings of IEEE International Symposium on High Assurance Systems Engineering

SP - 173

EP - 180

BT - Proceedings - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016

A2 - Babiceanu, Radu

A2 - Waeselynck, Helene

A2 - Xu, Jie

A2 - Paul, Raymond A.

A2 - Cukic, Bojan

PB - IEEE Computer Society

T2 - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016

Y2 - 7 January 2016 through 9 January 2016

ER -

Mammar A, Nguyen TM, Laleau R. Formal Development of a Secure Access Control Filter. In Babiceanu R, Waeselynck H, Xu J, Paul RA, Cukic B, editors, Proceedings - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016. IEEE Computer Society. 2016. p. 173-180. 7423149. (Proceedings of IEEE International Symposium on High Assurance Systems Engineering). doi: 10.1109/HASE.2016.10

Formal Development of a Secure Access Control Filter

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this