Abstract
Operating system security now depends heavily on the security policies implemented in the system, so it is necessary to verify whether a secure operating system implements its security policies correctly. This paper provides a general, automatable security verification method, suitable for deployment in practice, for verifying information flow security policies implemented in information systems, especially in secure operating systems. We first use information flow graphs (IFG) to express information flow security policies specified in temporal logic. Then, based on this representation, we supply a verification framework to verify whether the implementation of an information system satisfies the restrictions of the security policies. Finally, we give a security verification framework based on mandatory access control (MAC) that fits current secure operating systems.
This paper is supported by China National 863 Software Project 2002AA1Z2101, “Server Operating System Kernel”.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yi, Xd., Yang, Xj. (2003). A Security Verification Method for Information Flow Security Policies Implemented in Operating Systems. In: Qing, S., Gollmann, D., Zhou, J. (eds) Information and Communications Security. ICICS 2003. Lecture Notes in Computer Science, vol 2836. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39927-8_26
DOI: https://doi.org/10.1007/978-3-540-39927-8_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20150-2
Online ISBN: 978-3-540-39927-8
eBook Packages: Springer Book Archive