Academic Journals Database
Disseminating quality controlled scientific knowledge

Heterogeneous Security Policy Validation: From Formal to Executable Specifications

Author(s): Jihène Krichène | Mohamed Hamdi | Noureddine Boudriga

Journal: Journal of Networks
ISSN 1796-2056

Volume: 3;
Issue: 8;
Start page: 55;
Date: 2008;
Original page

Keywords: Algebraic specifications | executable specifications | security policy engineering

This paper develops a prototyping technique for information systems security policies. Starting from the algebraic specification of a security policy, we derive an executable specification that represents a prototype of the actual policy. Executing the specification allows determining sequences of actions that lead to security policy violations. We propose a composition framework to build compound algebraic specifications. We show that the mechanism we provide to translate algebraic specifications to executable specifications preserves the composition rules, which is of utmost importance from the engineering perspective. Through accurate examples, we show how executables specifications can be used in conjunction with formal specification in the frame of the security policy engineering process.
Affiliate Program      Why do you need a reservation system?