Istituto di Informatica e Telematica     
Martinelli F., Matteucci I. Idea: Action Refinement for Security Properties Enforcement. In: ESSoS'09 - Engineering Secure Software and Systems. First International Symposium on Engineering Secure Software and Systems (Leuven, Belgium, 4-6 February 2009). Proceedings, pp. 37 - 42. F. Massacci, S.T. Redwine, N. Zannone. (Lecture Notes in Computer Science, vol. 5429). Springer, 2009.
In this paper we propose an application of action refinement theory for enforcing security policies at different levels of abstraction. We assume a (high-level) specification of a secure system with a possibly untrusted component. It is controlled by a controller program in such a way that the system is secure. We show that it is possible to guarantee that the refinement of this system at a lower level of abstraction is still secure, regardless of the behavior of the implementation of the untrusted component.
DOI: 10.1007/978-3-642-00199-4_4
Subject Engineering Secure Software and Systems
D.4.6 Security and Protection



For further information, contact: Librarian http://puma.isti.cnr.it
