论文信息 - Formal Modelling of a Usable Identity Management Solution for Virtual Organisations

Formal Modelling of a Usable Identity Management Solution for Virtual Organisations

This paper attempts to accurately model security requirements for computational grid environments with particular focus on authentication. We introduce the Audited Credential Delegation (ACD) architecture as a solution to some of the virtual organisations identity management usability problems. The approach uses two complementary models: one is state based, described in Z notation, and the other is event-based, expressed in the Process Algebra of Hoare's Communicating Sequential Processes (CSP). The former will be used to capture the state of the WS and to model back-end operations on it whereas the latter will be used to model behavior, and in particular, front-end interactions and communications. The modelling helps to clearly and precisely understand functional and security requirements and provide a basis for verifying that the system meets its intended requirements.

[1] Jim Woodcock,et al. Using Z - specification, refinement, and proof , 1996, Prentice Hall international series in computer science.

[2] Peter V. Coveney,et al. The application hosting environment: Lightweight middleware for grid-based computational science , 2007, Comput. Phys. Commun..

[3] Ali E. Abdallah,et al. Formal Modelling of PKI Based Authentication , 2009, WWV.

[4] Richard O. Sinnott,et al. Grid infrastructures for secure access to and use of bioinformatics data: experiences from the BRIDGES project , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[5] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[6] P. V. Coveney,et al. A user-friendly approach to computational grid security , 2006 .

[7] Jim Woodcock,et al. Refining Industrial Scale Systems in Circus , 2004 .

[8] C. A. R. Hoare,et al. Communicating sequential processes , 1978, CACM.

[9] Ali E. Abdallah,et al. Weaving Authentication and Authorization Requirements into the Functional Model of a System Using Z Promotion , 2008, ISoLA.

[10] Dieter Gollmann,et al. Computer Security , 1979, Lecture Notes in Computer Science.