Публикации
Постоянный URI для этой коллекции
Обзор
Просмотр Публикации по Ключевые слова "access control tools"
Теперь показываю 1 - 1 из 1
Количество результатов на страницу
Sort Options
- ПубликацияТолько метаданныеVerifying Security Properties of the Source Code of Access Control Tools Using Frama-C(2022) Kanner, A. M.; Kanner, T. M.The paper discusses the features of the approach most commonly used to verify access control tools, where a high-level specification (security model) is generated. Serious problems are revealed in the applied approach, since there is a discrepancy between the object being verified and the real object requiring verification. As an alternative approach to verifying access control tools, it is proposed to verify security properties at the source code level, for example, for ANCI C code using Frama-C and special theorem provers. The paper considers the features of the Frama-C core, plug-ins and theorem provers. Using a synthetic example of a system, where subject-object interaction is arranged within the Bell-LaPadula Model, a possibility is demonstrated to generate the properties of a security model in the form of low-level contracts for several functions. A possibility of forming new function conditions by analyzing covert channels for the Bell-LaPadula mandate policy is demonstrated, taking into account the hierarchical structure of the system objects, as well as the corresponding change in the source code to meet the new conditions. In conclusion, the advantages of verifying access control tools at the source code level in comparison with the previously used approach are given. The features are listed that arise in case of a change in the source code and in case of verifying access control tools using standard library functions. A possible direction is proposed for further research on dynamic verification of the source code of access control tools. © 2022 IEEE.