Conference topic

A Language For Secure Requirement Description Based on Information Flow

The verification of policy configuration is the key point during the security analysis of SELinux. Most current verification methods focus on the construction of the policy configuration's mathematical model, rather than on the difficulty of describing security requirements for the verifiers. A new security requirement description language (SRDL) based on the theory of information flow is proposed, whose syntax is independent of the verification tools' logic systems. Without knowing the mathematical logic behind those verification tools, the verifier can represent every requirement as one or more information flows in SRDL. The SRDL compiler can translate these flows into the verification tools' input automatically. Such an SRDL compiler is implemented for the analysis of SELinux. It can translate SRDL's flows into the input model of NuSMV, a widely used model checker.

Liang Cheng, Yang Zhang, Dengguo Feng

State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100190

International conference

2010 IEEE International Conference on Intelligent Computing and Intelligent Systems (ICIS 2010)

Xiamen

English

397-401

2010-10-29 (date first made available online on the Wanfang platform; it does not represent the paper's publication date)