Abstract
This paper presents an approach to the verification of multi-level security (MLS) system models. The MlsML profile was developed to allow confidentiality or integrity to be verified on the basis of the Bell-LaPadula or Biba models. The Bell-LaPadula and Biba models are formalized together with scenarios that represent possible run-time instances. Properties of the security policy model are expressed as constraints in the OCL language. The feasibility of the proposed approach is demonstrated by applying it to a non-trivial example.
© 2013 Springer International Publishing Switzerland
About this paper
Cite this paper
Stasiak, A., Zieliński, Z. (2013). An Approach to Automated Verification of Multi-Level Security System Models. In: Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J. (eds) New Results in Dependability and Computer Systems. Advances in Intelligent Systems and Computing, vol 224. Springer, Heidelberg. https://doi.org/10.1007/978-3-319-00945-2_34
DOI: https://doi.org/10.1007/978-3-319-00945-2_34
Publisher Name: Springer, Heidelberg
Print ISBN: 978-3-319-00944-5
Online ISBN: 978-3-319-00945-2
eBook Packages: Chemistry and Materials Science, Chemistry and Material Science (R0)