Skip to main content
SpringerLink
Log in

A Formal Description of SECIMOS Operating System

  • Conference paper
Computer Network Security (MMM-ACNS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 3685))

Abstract

The application of formal methods in secure operating system experiences a procedure of development and maturity with the eminence and development of secure operating system itself. According to Common Criteria and United States Department of Defenses Trusted Computer System Evaluation Criteria (TCSEC), high security level secure operating system should introduce formal methods in the process development and evaluation. Security in Mind Operating System (SECIMOS) is a customizable secure operating system developed by Institute of Software, Chinese Academy of Science. In this work, we formally model the security policies using Z specification language and informally proved the correspondence between policies and top level functionalities. As a result, we summarize the gist to choose a formal description language for modeling a secure operating system and possibility of use Isabelle/HOL as a formal tool.

This work is jointly supported by National Basic Research Program of China (973) under Grant No. G1999035802, National Natural Science Foundation of China under Grant No. 60373054 and National High-Tech Research and Development Program of China (863) under Grant No. 2002AA141080.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Leveson, N.G.: Geust Editor’s Introduction: Formal Methods in Software Engineering. IEEE Transactions in Software Engineering, 929–931 (September 1990)

    Google Scholar 

  2. Wenzel, M.: Isabelle/Isar - A Versatile Environment for Human-Readable Formal Proof Documents. PhD thesis. Institute für Informatik, Technische Universität München (2002)

    Google Scholar 

  3. Bell, D.E., La Padula, L.J.: Secure Computer System: Unified Exposition and Multics Interpretation. MITRE Report, MTR-2997 Rev.1 (1976)

    Google Scholar 

  4. CSC-STD-001-83, Department of Defense Standard. Department of Defense Trusted Computer System Evaluation Criteria. National Computer Security Center, Ft. Meade, MD. USA (1985)

    Google Scholar 

  5. Waldhart, N.A.: The Army Secure Operating System. In: 1990 IEEE Symposium on Security and Privacy, pp. 50–60 (1990)

    Google Scholar 

  6. Saydjari, O.S.: LOCK: An Historical Perspective. In: 18th Annual Computer Security Applications Conference, pp. 96–108 (2002)

    Google Scholar 

  7. Good, D., Akers, R., Smith, L.: Report on Gypsy 2.05. Tech. Rept. ICSCA-CMP-48. Institute for Computer Science and Computing Applications. The University of Texas at Austin (1986)

    Google Scholar 

  8. Wu, Y., Shi, W., Liang, H., Shang, Q., Yuan, C., Liang, B.: Security On-demand Architecture with Multiple Modules Support. In: Information Security Practice and Experience, First International Conference, Singapore, pp. 121–131 (2005)

    Google Scholar 

  9. Mayer, F.L.: An Interpretation of a Refined Bell-La. Padula Model for the Tmach Kernel. In: Fourth Aerospace Computer Security Applications Conference (1988)

    Google Scholar 

  10. Bell, D.E.: Secure Computer Systems: A Network Interpretation. In: Second Aerospace Computer Security Conference, pp. 32–39 (1986)

    Google Scholar 

  11. Liang, B., Liu, H., Shi, W., Wu, Y.: Enforcing the Principle of Least Privilege with a State-Based Privilege Control Model. In: Information Security Practice and Experience, First International Conference, Singapore, pp. 109–120 (2005)

    Google Scholar 

  12. Spivey, J.M.: Understanding Z: A Spcification language and its formal semantics. Cambridge Tracts in Theoretical Computer Science, vol. 3. Cambridge University Press, Cambridge (1988)

    Google Scholar 

  13. Meisels, I., Saaltink, M.: The Z/EVES Reference Manual (for Version 1.5). Technical Report, TR-97-5492-03d. ORA Canada (1997)

    Google Scholar 

  14. Havelund, K., Lowry, M., Penix, J.: Formal Analysis of A Space Craft Controller Using SPIN. IEEE Transactions on Software Engineering 27(8), 749–765 (2001)

    Article  Google Scholar 

  15. Pecheur, C., Simmons, R.: From Livingstone to SMV: Formal Verification for Autonomous Spacecrafts. In: Proceedings of First Goddard Workshop on Formal Approaches to Agent-Based Systems. NASA Goddard, pp. 103–113 (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Software, Chinese Academy of Sciences, Beijing, 100080, PRC

    Zhouyi Zhou, Li Jiang, Wenchang Shi & Yeping He

  2. Graduate School of the Chinese Academy of Sciences, Beijing, 100049, PRC

    Zhouyi Zhou

  3. College of Computer and Communications, Hunan University, Changsha, HN, 410082, PRC

    Zhouyi Zhou

  4. Department of Computer Science and Technology, Tsinghua University, Beijing, 100084, PRC

    Bin Liang

  5. Beijing Venus Info Tech Inc, Beijing, 100081, PRC

    Bin Liang

Authors
  1. Zhouyi Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bin Liang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Li Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Wenchang Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Yeping He
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. St. Petersburg Intitute for Informaticsand Automation, 39, 14-th Liniya, 199178, St. Petersburg, Russia

    Vladimir Gorodetsky

  2. Computer Security Research Group, St. Petersburg Institute for Informatics and Automation, 39, 14 Liniya, 199178, St.-Petersburg, Russia

    Igor Kotenko

  3. US Air Force, Binghamton University (SUNYI), 13902, Binghamton, NY, USA

    Victor Skormin

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhou, Z., Liang, B., Jiang, L., Shi, W., He, Y. (2005). A Formal Description of SECIMOS Operating System. In: Gorodetsky, V., Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2005. Lecture Notes in Computer Science, vol 3685. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560326_22

Download citation

  • DOI: https://doi.org/10.1007/11560326_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29113-8

  • Online ISBN: 978-3-540-31998-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation