JOURNAL OF NETWORKS (JNW)
ISSN : 1796-2056
Volume : 3 Issue : 8 Date : November 2008
Heterogeneous Security Policy Validation: From Formal to Executable Specifications
Jihène Krichène, Mohamed Hamdi, and Noureddine Boudriga
Full Text: PDF (249 KB)
This paper develops a prototyping technique for information systems security policies. Starting from
the algebraic specification of a security policy, we derive an executable specification that represents
a prototype of the actual policy. Executing the specification allows determining sequences of actions
that lead to security policy violations. We propose a composition framework to build compound
algebraic specifications. We show that the mechanism we provide to translate algebraic
specifications to executable specifications preserves the composition rules, which is of utmost
importance from the engineering perspective. Through accurate examples, we show how
executables specifications can be used in conjunction with formal specification in the frame of the
security policy engineering process.
Algebraic specifications, executable specifications, security policy engineering.