Tracking dependent information flows

Zeineb Zhioua; Yves Roudier; Rabea Boulifa Ameur; Takoua Kechiche; Stuart Short

doi:10.5220/0006209301790189

Tracking dependent information flows

Zeineb Zhioua
, Yves Roudier
, Rabea Boulifa Ameur
, Takoua Kechiche
, Stuart Short

SAP Labs France
CNRS

Résultats de recherche: Le chapitre dans un livre, un rapport, une anthologie ou une collection › Contribution à une conférence › Revue par des pairs

Résumé

Ensuring the compliance of developed software with security requirements is a challenging task due to imprecision on the security guidelines definition, and to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development life cycle by combining the model checking together with information flow analysis. We formally specify security guidelines that involve dependent information flows as a basis to lead formal verification through model checking, and provide precise feedback to the developer.

langue originale	Anglais
titre	ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy
rédacteurs en chef	Paolo Mori, Steven Furnell, Olivier Camp
Editeur	SciTePress
Pages	179-189
Nombre de pages	11
ISBN (Electronique)	9789897582097
Les DOIs	https://doi.org/10.5220/0006209301790189
état	Publié - 1 janv. 2017
Evénement	3rd International Conference on Information Systems Security and Privacy, ICISSP 2017 - Porto, Portugal Durée: 19 févr. 2017 → 21 févr. 2017

Série de publications

Nom	ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy
Volume	2017-January

Une conférence

Une conférence	3rd International Conference on Information Systems Security and Privacy, ICISSP 2017
Pays/Territoire	Portugal
La ville	Porto
période	19/02/17 → 21/02/17

Accès au document

10.5220/0006209301790189

Autres fichiers et liens

Lien vers la publication dans Scopus

Contient cette citation

Zhioua, Z., Roudier, Y., Ameur, R. B., Kechiche, T., & Short, S. (2017). Tracking dependent information flows. Dans P. Mori, S. Furnell, & O. Camp (eds.), ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy (p. 179-189). (ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy; Vol 2017-January). SciTePress. https://doi.org/10.5220/0006209301790189

Zhioua, Zeineb ; Roudier, Yves ; Ameur, Rabea Boulifa et al. / Tracking dependent information flows. ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. Editeur / Paolo Mori ; Steven Furnell ; Olivier Camp. SciTePress, 2017. p. 179-189 (ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy).

@inproceedings{6c1ec986c78943a6968de3af09797269,

title = "Tracking dependent information flows",

abstract = "Ensuring the compliance of developed software with security requirements is a challenging task due to imprecision on the security guidelines definition, and to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development life cycle by combining the model checking together with information flow analysis. We formally specify security guidelines that involve dependent information flows as a basis to lead formal verification through model checking, and provide precise feedback to the developer.",

keywords = "Formal Specification, Information Flow Analysis, Labeled Transition System, Model Checking, Program Dependence Graph, Security Guidelines",

author = "Zeineb Zhioua and Yves Roudier and Ameur, \{Rabea Boulifa\} and Takoua Kechiche and Stuart Short",

note = "Publisher Copyright: Copyright {\textcopyright} 2017 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved.; 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017 ; Conference date: 19-02-2017 Through 21-02-2017",

year = "2017",

month = jan,

day = "1",

doi = "10.5220/0006209301790189",

language = "English",

series = "ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy",

publisher = "SciTePress",

pages = "179--189",

editor = "Paolo Mori and Steven Furnell and Olivier Camp",

booktitle = "ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy",

}

Zhioua, Z, Roudier, Y, Ameur, RB, Kechiche, T & Short, S 2017, Tracking dependent information flows. Dans P Mori, S Furnell & O Camp (eds), ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy, VOL. 2017-January, SciTePress, p. 179-189, 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017, Porto, Portugal, 19/02/17. https://doi.org/10.5220/0006209301790189

Tracking dependent information flows. / Zhioua, Zeineb; Roudier, Yves; Ameur, Rabea Boulifa et al.
ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. Ed. / Paolo Mori; Steven Furnell; Olivier Camp. SciTePress, 2017. p. 179-189 (ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy; Vol 2017-January).

Résultats de recherche: Le chapitre dans un livre, un rapport, une anthologie ou une collection › Contribution à une conférence › Revue par des pairs

TY - GEN

T1 - Tracking dependent information flows

AU - Zhioua, Zeineb

AU - Roudier, Yves

AU - Ameur, Rabea Boulifa

AU - Kechiche, Takoua

AU - Short, Stuart

PY - 2017/1/1

Y1 - 2017/1/1

N2 - Ensuring the compliance of developed software with security requirements is a challenging task due to imprecision on the security guidelines definition, and to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development life cycle by combining the model checking together with information flow analysis. We formally specify security guidelines that involve dependent information flows as a basis to lead formal verification through model checking, and provide precise feedback to the developer.

AB - Ensuring the compliance of developed software with security requirements is a challenging task due to imprecision on the security guidelines definition, and to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development life cycle by combining the model checking together with information flow analysis. We formally specify security guidelines that involve dependent information flows as a basis to lead formal verification through model checking, and provide precise feedback to the developer.

KW - Formal Specification

KW - Information Flow Analysis

KW - Labeled Transition System

KW - Model Checking

KW - Program Dependence Graph

KW - Security Guidelines

UR - https://www.scopus.com/pages/publications/85049173288

U2 - 10.5220/0006209301790189

DO - 10.5220/0006209301790189

M3 - Conference contribution

AN - SCOPUS:85049173288

T3 - ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy

SP - 179

EP - 189

BT - ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy

A2 - Mori, Paolo

A2 - Furnell, Steven

A2 - Camp, Olivier

PB - SciTePress

T2 - 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017

Y2 - 19 February 2017 through 21 February 2017

ER -

Zhioua Z, Roudier Y, Ameur RB, Kechiche T, Short S. Tracking dependent information flows. Dans Mori P, Furnell S, Camp O, rédacteurs en chef, ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy. SciTePress. 2017. p. 179-189. (ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy). doi: 10.5220/0006209301790189

Tracking dependent information flows

Résumé

Série de publications

Une conférence

Accès au document

Autres fichiers et liens

Empreinte digitale

Contient cette citation