A systematic approach to integrate common timed security rules within a TEFSM-based system specification

Context: Formal methods are very useful in the software industry and are becoming of paramount importance in practical engineering techniques. They involve the design and modeling of various system aspects, usually expressed through different paradigms. These differing formalisms make the verification of the developed system as a whole more difficult.

Objective: In this paper, we propose to combine two modeling formalisms in order to express both the functional and the timed security requirements of a system, so that all requirements are captured in a single formalism.

Method: First, the system behavior is specified according to its functional requirements using the Timed Extended Finite State Machine (TEFSM) formalism. Second, this model is augmented by applying a set of dedicated algorithms that integrate the timed security requirements specified in the Nomad language. Nomad is suited to expressing security properties such as permissions, prohibitions and obligations with time constraints.

Results: The proposed algorithms produce a global TEFSM specification of the system that includes both its functional and its timed security requirements.

Conclusion: It is concluded that several requirement aspects described in different formalisms can be merged into a global specification that can be used for several purposes, such as code generation, proof of specification correctness, model checking or automatic test generation. In this paper, we applied our approach to a France Telecom Travel service to demonstrate its scalability and feasibility.
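To make the Method concrete, the following is an added example (not the paper's algorithms, nor the France Telecom Travel service model) of the integration idea in Python: a toy TEFSM with clocks, plus two integration routines that weave a Nomad-style timed prohibition and a timed obligation into the functional model. The booking states, the action names, the rule shapes ("cancel is prohibited within 5 time units after book", "pay is obligatory within 10 time units after book"), the clock naming scheme and the `Violation` state are all constructed assumptions; the prohibition is realised by strengthening guards and resetting a fresh clock, the obligation by a time-triggered transition to a violation state, which is one plausible reading of the abstract, not its published construction.

```python
"""Toy TEFSM with Nomad-style timed rules integrated by guard strengthening
and timeout transitions. All names and rule shapes are constructed."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

Guard = Callable[["Clocks"], bool]


class Clocks:
    """Clock valuation: a clock is inactive (None) or holds its last reset time."""
    def __init__(self, names: List[str]):
        self.start: Dict[str, Optional[int]] = {n: None for n in names}
        self.now = 0
    def reset(self, name: str) -> None: self.start[name] = self.now
    def clear(self, name: str) -> None: self.start[name] = None
    def active(self, name: str) -> bool: return self.start[name] is not None
    def value(self, name: str) -> int: return self.now - self.start[name]


@dataclass
class Transition:
    src: str
    dst: str
    action: str
    guard: Guard = lambda c: True          # extended guard over clocks
    resets: Tuple[str, ...] = ()           # clocks restarted on firing
    clears: Tuple[str, ...] = ()           # clocks deactivated on firing


@dataclass
class Timeout:
    """Time-triggered transition: fires when `clock` is active and past `deadline`."""
    clock: str
    deadline: int
    dst: str


@dataclass
class TEFSM:
    initial: str
    transitions: List[Transition] = field(default_factory=list)
    clocks: List[str] = field(default_factory=list)
    timeouts: List[Timeout] = field(default_factory=list)


def integrate_prohibition(m: TEFSM, trigger: str, forbidden: str, deadline: int) -> None:
    """Rule: doing `forbidden` within `deadline` units after `trigger` is prohibited.
    Every `trigger` transition resets a fresh clock; every `forbidden` transition
    gets its guard strengthened so it is disabled while that clock is <= deadline."""
    clk = f"c_{trigger}_{forbidden}"
    m.clocks.append(clk)
    for t in m.transitions:
        if t.action == trigger:
            t.resets = t.resets + (clk,)
        if t.action == forbidden:
            old = t.guard
            t.guard = lambda c, old=old: old(c) and (not c.active(clk) or c.value(clk) > deadline)


def integrate_obligation(m: TEFSM, trigger: str, required: str, deadline: int, violation: str) -> None:
    """Rule: after `trigger`, `required` must happen within `deadline` units.
    `trigger` starts a clock, `required` discharges it, and a timeout transition
    moves the machine to `violation` if the clock runs past the deadline."""
    clk = f"o_{trigger}_{required}"
    m.clocks.append(clk)
    for t in m.transitions:
        if t.action == trigger:
            t.resets = t.resets + (clk,)
        if t.action == required:
            t.clears = t.clears + (clk,)
    m.timeouts.append(Timeout(clk, deadline, violation))


def run(m: TEFSM, trace: List[Tuple[int, str]]) -> List[Tuple[int, str, str]]:
    """Execute a timed trace [(time, action), ...]; return (time, event, state)
    entries, with 'REJECTED' when no enabled transition matches the action."""
    clocks, state, log = Clocks(m.clocks), m.initial, []
    for time, action in trace:
        clocks.now = time
        for to in m.timeouts:                      # overdue obligations fire first
            if clocks.active(to.clock) and clocks.value(to.clock) > to.deadline:
                state = to.dst
                clocks.clear(to.clock)
                log.append((time, f"timeout:{to.clock}", state))
        for t in m.transitions:
            if t.src == state and t.action == action and t.guard(clocks):
                for c in t.resets: clocks.reset(c)
                for c in t.clears: clocks.clear(c)
                state = t.dst
                log.append((time, action, state))
                break
        else:
            log.append((time, action, "REJECTED"))
    return log


def booking_machine() -> TEFSM:
    """Functional model only (constructed): a minimal booking flow."""
    return TEFSM(initial="Idle", transitions=[
        Transition("Idle", "Logged", "login"),
        Transition("Logged", "Booked", "book"),
        Transition("Booked", "Paid", "pay"),
        Transition("Booked", "Logged", "cancel"),
        Transition("Logged", "Idle", "logout"),
        Transition("Paid", "Idle", "logout"),
    ])


def secured_machine() -> TEFSM:
    """Functional model augmented with the two constructed timed rules."""
    m = booking_machine()
    integrate_prohibition(m, trigger="book", forbidden="cancel", deadline=5)
    integrate_obligation(m, trigger="book", required="pay", deadline=10, violation="Violation")
    return m


# Constructed traces: (time, action)
TRACE_PROHIBITION = [(0, "login"), (2, "book"), (4, "cancel"), (8, "cancel")]
TRACE_OBLIGATION_MISSED = [(0, "login"), (1, "book"), (15, "pay")]
TRACE_OBLIGATION_MET = [(0, "login"), (1, "book"), (9, "pay")]

if __name__ == "__main__":
    print(run(booking_machine(), TRACE_PROHIBITION))   # cancel at t=4 accepted
    print(run(secured_machine(), TRACE_PROHIBITION))   # cancel at t=4 rejected, t=8 accepted
    print(run(secured_machine(), TRACE_OBLIGATION_MISSED))
    print(run(secured_machine(), TRACE_OBLIGATION_MET))
```

Running the same trace through the functional machine and the secured one shows what the integration changes: the early `cancel` that the functional model accepts is rejected once the prohibition guard is in place, and a late `pay` is preceded by a timeout into the violation state, which is exactly the kind of behaviour a test generator or model checker can then target in the global specification.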
