论文信息 - Specification and Validation of a Security Policy Model

Specification and Validation of a Security Policy Model

This paper describes the development of a formal security policy model, in Z, for the NATO Air Command and Control System (ACCS): a large, distributed, multi-level-secure system. The model was subject to manual validation, and some of the issues and lessons in both writing and validating the model are discussed.

Anthony Boswell | A. Boswell

[1] Michael W. Godfrey,et al. Formal Specification in Metamorphic Programing , 1991, VDM Europe.

[2] D. Elliott Bell,et al. Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[3] Lesley Semmens,et al. Using Yourdon and Z: an Approach to Formal Specification , 1990, Z User Workshop.

[4] Peter Hitchcock,et al. Structured Analysis - A Draft Method for Writing Z Specifications , 1991, Z User Workshop.

[5] David Garlan,et al. Formal Specifications as Reusable Frameworks , 1990, VDM Europe.

[6] David D. Clark,et al. A Comparison of Commercial and Military Computer Security Policies , 1987, 1987 IEEE Symposium on Security and Privacy.

[7] Susan Stepney,et al. The Use of Z , 1991, Z User Workshop.

[8] Mike Flynn,et al. Formaliser - An Interactive Support Tool for Z , 1989, Z User Workshop.