Need-to-Share and Non-diffusion Requirements Verification in Exchange Policies

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9097)

Abstract

Whether be it for Earth observation, risk management or even companies relations, more and more interconnected organizations form decentralized systems in which the exchange, in terms of diffusion or non-diffusion of information between agents, can have critical consequences. In this paper, we present a formal framework to specify information exchange policies for such kinds of systems and two specific requirements, the need-to-share and the non-diffusion requirements, as well as properties strongly related to them. Wiser from these formal definitions, we see how to reconcile these sometimes antagonist requirements in a same policy specification with information filtering operations. We also explain how we use state of the art theorem provers to perform automatic analysis of these policies.

Keywords

Requirements engineering Information exchange policies Formal specification Formal verification 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abramov, J., Anson, O., Dahan, M., Shoval, P., Sturm, A.: A methodology for integrating access control policies within database development. Computers & Security 31(3), 299–314 (2012)CrossRefGoogle Scholar
  2. 2.
    Akl, S.G., Denning, D.E.: Checking classification constraints for consistency and completeness. In: IEEE Symposium on Security and Privacy, pp. 196–201. IEEE Computer Society (1987)Google Scholar
  3. 3.
    Castanẽda, H.N.: Thinking and doing. D. Reidel, Dordrecht (1975)Google Scholar
  4. 4.
    Cuppens, F., Demolombe, R.: A modal logical framework for security policies. In: Raś, Z.W., Skowron, A. (eds.) ISMIS 1997. LNCS, vol. 1325, pp. 579–589. Springer, Heidelberg (1997) CrossRefGoogle Scholar
  5. 5.
    Delmas, R., Polacsek, T.: Formal methods for exchange policy specification. In: Salinesi, C., Norrie, M.C., Pastor, Ó. (eds.) CAiSE 2013. LNCS, vol. 7908, pp. 288–303. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  6. 6.
    Denning, D.E., Akl, S.G., Heckman, M., Lunt, T.F., Morgenstern, M., Neumann, P.G., Schell, R.R.: Views for multilevel database security. IEEE Trans. Software Eng. 13(2), 129–140 (1987)CrossRefGoogle Scholar
  7. 7.
    Gallier, J.H.: Logic for Computer Science: Foundations of Automatic Theorem Proving, chapter 10, pp. 448–476. Wiley (1987)Google Scholar
  8. 8.
    Halpern, J.Y., Weissman, V.: Using first-order logic to reason about policies. ACM Transactions on Information and System Security (TISSEC) 11(4) (2008)Google Scholar
  9. 9.
    Kalam, A.A.E., Benferhat, S., Miège, A., Baida, R.E., Cuppens, F., Saurel, C., Balbiani, P., Deswarte, Y., Trouessin, G.: Organization based access contro. In: POLICY, p. 120. IEEE Computer Society (2003)Google Scholar
  10. 10.
    de Moura, L., Bjørner, N.S.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  11. 11.
    Mouratidis, H., Kalloniatis, C., Islam, S., Huget, M.P., Gritzalis, S.: Aligning security and privacy to support the development of secure information systems. J. UCS 18(12), 1608–1627 (2012)Google Scholar
  12. 12.
    Paja, E., Dalpiaz, F., Poggianella, M., Roberti, P., Giorgini, P.: Modelling security requirements in socio-technical systems with sts-tool. In: Kirikova, M., Stirna, J. (eds.) CEUR Workshop Proceedings of the CAiSE Forum, vol. 855, pp. 155–162. CEUR-WS.org (2012)Google Scholar
  13. 13.
    Sebastiani, R., Vescovi, M.: Automated reasoning in modal and description logics via sat encoding: the case study of k(m)/alc-satisfiability. J. Artif. Intell. Res. (JAIR) 35, 343–389 (2009)MATHMathSciNetGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.ONERAToulouseFrance

Personalised recommendations