A Security Verification Method for Information Flow Security Policies Implemented in Operating Systems

  • Conference paper
Information and Communications Security (ICICS 2003)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2836)

Abstract

Operating system security now depends heavily on the security policies implemented in the system, so it is necessary to verify that a secure operating system implements those policies correctly. This paper provides a general, automatable security verification method, suitable for deployment in practice, for verifying information flow security policies implemented in information systems, especially secure operating systems. We first use information flow graphs (IFGs) to express information flow security policies specified in temporal logic. Then, based on this representation, we supply a verification framework for checking whether the implementation of an information system satisfies the restrictions of the security policies. Finally, we give a security verification framework based on mandatory access control (MAC) that fits current secure operating systems.

This paper is supported by China National 863 Software Project 2002AA1Z2101, “Server Operating System Kernel”.

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yi, Xd., Yang, Xj. (2003). A Security Verification Method for Information Flow Security Policies Implemented in Operating Systems. In: Qing, S., Gollmann, D., Zhou, J. (eds) Information and Communications Security. ICICS 2003. Lecture Notes in Computer Science, vol 2836. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39927-8_26

  • DOI: https://doi.org/10.1007/978-3-540-39927-8_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20150-2

  • Online ISBN: 978-3-540-39927-8

  • eBook Packages: Springer Book Archive
