A verification approach to applied system security

We present a method for the security analysis of realistic models of off-the-shelf systems and their configuration by formal, machine-checked proofs. The presentation follows a large case study: a formal security analysis of a CVS-Server architecture. The analysis starts from an abstract architecture (enforcing role-based access control), which is refined to an implementation architecture (based on the discretionary access control provided by the usual POSIX environment). Both architectures serve as a skeleton for formulating access control and confidentiality properties. Both the abstract and the implementation architecture are specified in the language Z. Based on a logical embedding of Z into Isabelle/HOL, we provide formal, machine-checked proofs of consistency properties of the specification, of the correctness of the refinement, and of the security properties.
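The abstract describes refining a role-based policy to POSIX permissions and proving the refinement correct. The following is an added illustration, not the paper's Z specification or Isabelle proof: a small Python model of the two layers over a finite instance, with constructed role, user, group and path names, that checks the two directions a correct refinement needs, namely that the POSIX layer never grants what the RBAC layer forbids, and never denies what it permits.

```python
"""Added example (not from the paper): a finite-instance check of an
RBAC-to-POSIX refinement for a CVS repository.

All roles, users, groups and paths below are constructed for illustration.
"""
from dataclasses import dataclass
from itertools import product

READ, WRITE = "read", "write"

# --- Abstract architecture: role-based access control ---------------------
# Permissions are (repository path, operation) pairs held by a role.
ROLE_PERMS = {
    "admin":     {("CVSROOT", READ), ("CVSROOT", WRITE), ("src", READ), ("src", WRITE)},
    "developer": {("CVSROOT", READ), ("src", READ), ("src", WRITE)},
}
# Role assignment; "mallory" has no role and must get no access at all.
USER_ROLES = {"alice": {"admin"}, "bob": {"developer"}, "mallory": set()}


def rbac_allows(user, path, op):
    """Abstract-level decision: some role of the user holds the permission."""
    return any((path, op) in ROLE_PERMS[r] for r in USER_ROLES.get(user, set()))


# --- Implementation architecture: POSIX discretionary access control ------
@dataclass(frozen=True)
class FileACL:
    owner: str
    group: str
    mode: int  # classic permission bits, e.g. 0o750


USER_GROUPS = {"alice": {"cvsdev"}, "bob": {"cvsdev"}, "mallory": set()}


def posix_allows(acl, user, op):
    """Implementation-level decision using the owner/group/other classes."""
    bit = 4 if op == READ else 2          # r=4, w=2 within a 3-bit class
    if user == acl.owner:
        cls = (acl.mode >> 6) & 0o7
    elif acl.group in USER_GROUPS.get(user, set()):
        cls = (acl.mode >> 3) & 0o7
    else:
        cls = acl.mode & 0o7
    return bool(cls & bit)


def refinement_violations(files):
    """Enumerate every (user, path, op) and compare the two layers.

    Returns (unsound, incomplete):
      unsound    - DAC grants an access RBAC denies (a security violation)
      incomplete - DAC denies an access RBAC grants (a functional gap)
    A correct refinement yields ([], []).
    """
    unsound, incomplete = [], []
    for (path, acl), user, op in product(files.items(), USER_ROLES, (READ, WRITE)):
        dac, rbac = posix_allows(acl, user, op), rbac_allows(user, path, op)
        if dac and not rbac:
            unsound.append((user, path, op))
        if rbac and not dac:
            incomplete.append((user, path, op))
    return unsound, incomplete


# Constructed configurations: one faithful, one leaky, one over-restrictive.
GOOD = {
    "CVSROOT": FileACL("alice", "cvsdev", 0o750),  # admin rw, developers r
    "src":     FileACL("alice", "cvsdev", 0o770),  # admin and developers rw
}
LEAKY = dict(GOOD, src=FileACL("alice", "cvsdev", 0o775))     # world-readable
STRICT = dict(GOOD, CVSROOT=FileACL("alice", "cvsdev", 0o700))  # developers lose read

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("LEAKY", LEAKY), ("STRICT", STRICT)):
        print(name, refinement_violations(cfg))
```

The brute-force enumeration only establishes the property for the finite instance written down here; the paper's point is that a machine-checked proof over the Z specification covers all states. Note also that classic mode bits provide only three classes (owner, group, other), so a policy with three distinct levels of access on one path, say admin, developer and read-only user, cannot be expressed with a single group and mode, which is exactly the kind of gap a refinement proof exposes.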