论文信息 - High-confidence design for security: don't trust—verify

High-confidence design for security: don't trust—verify

33 This article describes methods for establishing confidence that implementations meet their specifications and security requirements. These methods are rigorous in nature, rely on mathematical logic, and are accessible to engineering students at the mas-ter's level. As is typical in systems engineering , various methods are used depending on what level of design is being addressed. Security Properties and Mechanisms The collection of people, keys, processes, or machines who send and receive information and who access information resources (databases, processors, printers) are called principals. Security properties typically deal with the ability of principals to access information or resources. Key security properties include: • Privacy or confidentiality: knowing which principals can read data; • Integrity: detecting corruption of information; • Authentication: knowing the identity of a principal or the source of information; • Access control: restricting the use of a resource to privileged principals; The widespread use of networks makes information security a major concern when the underlying network (for example, the Internet) is assumed to be insecure. Systems with security requirements typically must operate with a high degree of confi-dence—they must be highly assured. The task of designing and building secure systems raises a fundamental question: how do we know with confidence that our designs will be secure? Having confidence in a secure system requires having confidence in the strength of the cryptographic algorithms, the correctness of the hardware and software implementations, and knowing the implementation supports a security model. SECURITY Don't trust—verify.

Shiu-Kai Chin | Shiu-Kai Chin

[1] B. Lampson,et al. Authentication in distributed systems: theory and practice , 1991, TOCS.

[2] Sérgio Vale Aguiar Campos,et al. Symbolic Model Checking , 1993, CAV.

[3] Martín Abadi,et al. Authentication in the Taos operating system , 1994, TOCS.

[4] Constance L. Heitmeyer,et al. SCR*: A Toolset for Specifying and Analyzing Software Requirements , 1998, CAV.

[5] Sofiène Tahar,et al. A Practical Methodology for the Formal Verification of RISC Processors , 1998, Formal Methods Syst. Des..

[6] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[7] Shiu-Kai Chin,et al. Verifying privacy enhanced mail functions with higher order logic , 1996, Network Threats.

[8] M. Gordon. HOL: A Proof Generating System for Higher-Order Logic , 1988 .

[9] Robert S. Hanmer,et al. Systematic software testing using VeriSoft — An analysis of the 4ESS™ heart-beat monitor , 1998, Bell Labs Technical Journal.

[10] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[11] Ásgeir Th. Eiríksson. The Formal Design of 1M-gate ASICs , 1998, FMCAD.