Abstract
This paper describes the development of a formal security policy model, in Z, for the NATO Air Command and Control System (ACCS): a large, distributed, multi-level-secure system. The model was subject to manual validation, and some of the issues and lessons in both writing and validating the model are discussed.
Copyright information
© 1993 Springer-Verlag Berlin Heidelberg
Cite this paper
Boswell, T. (1993). Specification and validation of a security policy model. In: Woodcock, J.C.P., Larsen, P.G. (eds) FME '93: Industrial-Strength Formal Methods. FME 1993. Lecture Notes in Computer Science, vol 670. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0024636
DOI: https://doi.org/10.1007/BFb0024636
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-56662-5
Online ISBN: 978-3-540-47623-8
eBook Packages: Springer Book Archive