Advertisement

Formal Verification of OS Security Model with Alloy and Event-B

  • Petr N. Devyanin
  • Alexey V. Khoroshilov
  • Victor V. Kuliamin
  • Alexander K. Petrenko
  • Ilya V. Shchepetkov
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8477)

Abstract

The paper presents a work-in-progress on formal verification of operating system security model, which integrates control of confidentiality and integrity levels with role-based access control. The main goal is to formalize completely the security model and to prove its consistency and conformance to basic correctness requirements concerning keeping levels of integrity and confidentiality. Additional goal is to perform data flow analysis of the model to check whether it can preserve security in the face of certain attacks. Alloy and Event-B were used for formalization and verification of the model. Alloy was applied to provide quick constraint-based checking and uncover various issues concerning inconsistency or incompleteness of the model. Event-B was applied for full-scale deductive verification. Both tools worked well on first steps of model development, while after certain complexity was reached Alloy began to demonstrate some scalability issues.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Devyanin, P.N.: The models of security of computer systems: access control and information flows. Hot line - Telecom, Moscow (2013) (in Russian)Google Scholar
  2. 2.
    Bishop, M.: Computer security: art and science. Pearson Education Inc., Boston (2002)Google Scholar
  3. 3.
    Wright, C., Cowan, C., Smalley, S., Morris, J., Kroah-Hartman, G.: Linux Security Modules: General Security Support for the Linux Kernel. In: Proc. of the 11th USENIX Security Symposium, pp. 17–31 (2002)Google Scholar
  4. 4.
    Jackson, D.: Software Abstractions: Logic, Language, and Analysis. MIT Press (2006)Google Scholar
  5. 5.
    Abrial, J.-R.: Modeling in Event-B: System and Software Engineering. Cambridge University Press (2010)Google Scholar
  6. 6.
    Abrial, J.-R., Butler, M., Hallerstede, S., Hoang, T.S., Mehta, F., Voisin, L.: Rodin: An Open Toolset for Modelling and Reasoning in Event-B. International Journal on Software Tools for Technology Transfer 12(6), 447–466 (2010)CrossRefGoogle Scholar
  7. 7.
    Leuschel, M., Butler, M.: ProB: A Model Checker for B. In: Araki, K., Gnesi, S., Mandrioli, D. (eds.) FME 2003. LNCS, vol. 2805, pp. 855–874. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Bobot, F., Filliâtre, J.-C., Marché, C., Paskevich, A.: Why3: Shepherd Your Herd of Provers. In: Proc. of Boogie 2011: 1st Intl Workshop on Intermediate Verification Languages, pp. 53–64 (2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Petr N. Devyanin
    • 1
  • Alexey V. Khoroshilov
    • 2
  • Victor V. Kuliamin
    • 2
  • Alexander K. Petrenko
    • 2
  • Ilya V. Shchepetkov
    • 2
  1. 1.Educational and Methodical Community of Information SecurityMoscowRussia
  2. 2.Institute for System ProgrammingRussian Academy of SciencesMoscowRussia

Personalised recommendations