
Multi-level Security System Verification Based on the Model

  • Conference paper
Engineering Software Systems: Research and Praxis (KKIO 2018)

Abstract

This paper presents an approach to verifying multi-level security (MLS) systems based on the Bell-LaPadula and Biba models. The essence of the proposed approach to analyzing the properties of MLS security-design models and their instances is the integration of the models, followed by their evaluation and simulation. Properties of the security policy model are expressed as constraints in the OCL language. In addition, the “separability” problem of different security domains is formulated and a method for its verification is proposed. The feasibility of the approach is demonstrated by applying it to an example MLS project.

Notes

  1. Project No. OR00014011 supported by The Polish National Center for Research and Development.

  2. The environment used in the work enables you to collect the simulation results in the following forms: history of messages sent between objects, traces of messages passing control flow, history of console records. It should be noted that capabilities of this environment may be extended with the use of UAL language.

Correspondence to Andrzej Stasiak.

© 2019 Springer Nature Switzerland AG

Cite this paper

Stasiak, A., Zieliński, Z. (2019). Multi-level Security System Verification Based on the Model. In: Kosiuczenko, P., Zieliński, Z. (eds) Engineering Software Systems: Research and Praxis. KKIO 2018. Advances in Intelligent Systems and Computing, vol 830. Springer, Cham. https://doi.org/10.1007/978-3-319-99617-2_5
