Framework for the formal specification and verification of security guidelines

Zeineb Zhioua; Rabea Ameur-Boulifa; Yves Roudier

doi:10.25046/aj030106

Framework for the formal specification and verification of security guidelines

Zeineb Zhioua
, Rabea Ameur-Boulifa
, Yves Roudier

Eurecom
CNRS LTCI
CNRS

Résultats de recherche: Contribution à un journal › Article › Revue par des pairs

Résumé

Ensuring the compliance of developed software with general and application-specific security requirements is a challenging task due to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development lifecycle by combining both the model checking analysis together with information flow analysis. We present our framework that is based on an extension of LTS (labelled transition Systems) by data dependence information to cover the end-to-end specification and verification of security guidelines.

langue originale	Anglais
Pages (de - à)	38-48
Nombre de pages	11
journal	Advances in Science, Technology and Engineering Systems
Volume	3
Numéro de publication	1
Les DOIs	https://doi.org/10.25046/aj030106
état	Publié - 1 janv. 2018
Modification externe	Oui

Accès au document

10.25046/aj030106

Autres fichiers et liens

Lien vers la publication dans Scopus

Contient cette citation

@article{d2a19420bac043d1a44cf2c7a8167fe5,

title = "Framework for the formal specification and verification of security guidelines",

abstract = "Ensuring the compliance of developed software with general and application-specific security requirements is a challenging task due to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development lifecycle by combining both the model checking analysis together with information flow analysis. We present our framework that is based on an extension of LTS (labelled transition Systems) by data dependence information to cover the end-to-end specification and verification of security guidelines.",

keywords = "Formal specification, Information Flow Analysis, Model Checking, Program Dependence Graph, Security Guidelines",

author = "Zeineb Zhioua and Rabea Ameur-Boulifa and Yves Roudier",

year = "2018",

month = jan,

day = "1",

doi = "10.25046/aj030106",

language = "English",

volume = "3",

pages = "38--48",

journal = "Advances in Science, Technology and Engineering Systems",

issn = "2415-6698",

number = "1",

}

TY - JOUR

T1 - Framework for the formal specification and verification of security guidelines

AU - Zhioua, Zeineb

AU - Ameur-Boulifa, Rabea

AU - Roudier, Yves

PY - 2018/1/1

Y1 - 2018/1/1

N2 - Ensuring the compliance of developed software with general and application-specific security requirements is a challenging task due to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development lifecycle by combining both the model checking analysis together with information flow analysis. We present our framework that is based on an extension of LTS (labelled transition Systems) by data dependence information to cover the end-to-end specification and verification of security guidelines.

AB - Ensuring the compliance of developed software with general and application-specific security requirements is a challenging task due to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development lifecycle by combining both the model checking analysis together with information flow analysis. We present our framework that is based on an extension of LTS (labelled transition Systems) by data dependence information to cover the end-to-end specification and verification of security guidelines.

KW - Formal specification

KW - Information Flow Analysis

KW - Model Checking

KW - Program Dependence Graph

KW - Security Guidelines

UR - https://www.scopus.com/pages/publications/85061729980

U2 - 10.25046/aj030106

DO - 10.25046/aj030106

M3 - Article

AN - SCOPUS:85061729980

SN - 2415-6698

VL - 3

SP - 38

EP - 48

JO - Advances in Science, Technology and Engineering Systems

JF - Advances in Science, Technology and Engineering Systems

IS - 1

ER -

Framework for the formal specification and verification of security guidelines

Résumé

Accès au document

Autres fichiers et liens

Empreinte digitale

Contient cette citation