Systematic Approach to Security Risk Investigation

  • Dušan P. Jokanovic
Chapter
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT)

Abstract

We propose a formal method for the systematic investigation of system security breaches when they occur. Our method is based on system specifications arranged in directed acyclic graph-like structures named constraint diagrams. Each vertex of a constraint diagram contains a different set of constraints imposed on a system and/or assumed of its environment. Enforcing the constraints should ideally prevent the occurrence of the corresponding security breaches; the more severe the constraints, the higher the cost of observing them. Given a security breach, a designer can traverse the constraint diagram to assess accurately how much damage was incurred by the system and what its cost of repair is. Moreover, the method helps identify unforeseen security holes in system implementations, which may benefit future systems by suggesting ways to avoid them at design time.

We make use of a property-oriented specification language as a formalization vehicle, which combines both axiomatic and algebraic specifications into a two-tiered specification. This suits our purpose of describing both the state-dependent and the state-independent security properties of a system. The risk investigation technique is illustrated with an example of a security breach, namely the acquisition of unauthorized capabilities in an e-mail system.

Keywords

Formal Method, Simple Object, Security Property, Prefer Behavior, Security Breach


Copyright information

© IFIP International Federation for Information Processing 1995

Authors and Affiliations

  • Dušan P. Jokanovic, Furukawa Electric Co., Ltd, Sendai, Japan
