Advertisement

Logical Resolving for Security Evaluation

  • Peter D. Zegzhda
  • Dmitry P. Zegzhda
  • Maxim O. Kalinin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2776)

Abstract

The paper discusses approach for testing security policies enforcement and weakness and enterprises it’s implementation for keeping assurance in system protection. Using such techniques it is possible to examine the protections of thousands of security-related objects on a multi-user system and identify security drawbacks. By acting on this information, security officer or system administrator can significantly reduce their system security exposure. The document examines theoretical foundations for design the safety evaluation toolkit. Finally, paper describes a functional structure of the integrated evaluation workshop based on the security analyzing kernel.

Keywords

access control logic language resolution safety problem resolving secure state security evaluation security model 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Jajodia, S., Samarati, P., Subrahmanian, V.S.: A Logical Language for Expressing Authorizations. In: Proc. of the IEEE Symposium on Security and Privacy, Oakland, CA (1997)Google Scholar
  2. 2.
    Hoagland, J.A., Panday, R., Levitt, K.N.: Security Policy Specification Using a Graphical Approach. Tech. report CSE-98-3, UC Davis Computer Science Dept. (1998)Google Scholar
  3. 3.
    Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder Policy Specification Language. In: Proc. Policy 2001: Workshop on Policies for Distributed Systems and Networks, Bristol, UK (2001)Google Scholar
  4. 4.
    Goguen, J., Meseguer, J.: Security policies and security models. In: Proc. of the 1982 IEEE Symposium on Security and Privacy, Oakland, CA (1982)Google Scholar
  5. 5.
    McLean, J.: Reasoning about security models. In: Proc. of the 1987 IEEE Symposium on Security and Privacy, Oakland, CA (1987)Google Scholar
  6. 6.
    McLean, J.: The Algebra of Security. In: Proc. 1988 IEEE Symposium on Security and Privacy (April 1988)Google Scholar
  7. 7.
    McLean, J.: Security models and information flow. In: Proc. 1990 IEEE Symposium on Security and Privacy (May 1990)Google Scholar
  8. 8.
    Bell, D., LaPadula, L.: Secure Computer Systems: Unified Exposition and Multics Interpretation, Technical Report, MTR-2997, MITRE, Bedford, Mass (1975)Google Scholar
  9. 9.
    Harrison, M., Ruzzo, W., Ullman, J.: Protection in operating systems. Communications of the ACM 19(8), 461–471 (1976)zbMATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Bratko, I.: PROLOG Programming for Artificial Intelligence, 3rd edn. Addison-Wesley Pub Co, Reading (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Peter D. Zegzhda
    • 1
  • Dmitry P. Zegzhda
    • 1
  • Maxim O. Kalinin
    • 1
  1. 1.Information Security Centre of Saint-Petersburg Polytechnical UniversitySaint-Petersburg

Personalised recommendations