YX Jiang,CC Lin,H Yin,ZX Tan

DOI: https://doi.org/10.1109/icsmc.2004.1400987

2004-01-01

Abstract:Mandatory access control (MAC) model is an important security model. Based on the lattice model of security level and Bell-LaPadula model the definition of MAC security model is formally described in detail. The equivalent MAC security model described by colored Petri nets (CPN) is proposed. According to the state reachability graph, four security properties of MAC security model, i.e. the access temporal relations, the reachability of objects when subject accesses them, hidden security holes due to the dynamic security level, the indirect reasoning of confidential information flow between different objects, are explored at length. In addition, an example of the security model is illustrated and the conclusions show that the security model based on Petri nets is not only a concise graphic analysis method, but also suited to be formally verified. This model can efficiently improve the whole security policies during the system security design and implementation.

YX Jiang,C Lin,Z Chen,H Yin

DOI: https://doi.org/10.1109/iri.2004.1431473

2004-01-01

Abstract:MAC (mandatory access control) model is a basic security model for describing and verifying information system. In this paper a method is presented to verify security policies in MAC model by means of colored Petri nets (CPN). The main theme of this paper is depicted as follows: firstly, based on the lattice model of multilevel security (MLS) and Bell-LaPadula model, the MAC model is formally defined. Subsequently, an equivalent MAC model described by colored Petri nets (CPN) is proposed. According to the derived state reachability graph, four security properties of access control policy relations in MAC model are investigated, i.e. access temporal relations, access reachability, covert channel analysis, inference of sensitive information. An example of the security model is given for illustration. The results show that this concise graphic analysis method is suitable for formal verification. This method can be efficiently used to analyze information flow security and therefore improve the whole access control policies during security design and implementation of the system.

Vincent C. Hu,D. Richard Kuhn,Tao Xie,Jeehyun Hwang

DOI: https://doi.org/10.1142/s021819401100513x

IF: 1.007

2011-01-01

International Journal of Software Engineering and Knowledge Engineering

Abstract:Mandatory access control (MAC) mechanisms control which users or processes have access to which resources in a system. MAC policies are increasingly specified to facilitate managing and maintaining access control. However, the correct specification of the policies is a very challenging problem. To formally and precisely capture the security properties that MAC should adhere to, MAC models are usually written to bridge the rather wide gap in abstraction between policies and mechanisms. In this paper, we propose a general approach for property verification for MAC models. The approach defines a standardized structure for MAC models, providing for both property verification and automated generation of test cases. The approach expresses MAC models in the specification language of a model checker and expresses generic access control properties in the property language. Then the approach uses the model checker to verify the integrity, coverage, and confinement of these properties for the MAC models and finally generates test cases via combinatorial covering array for the system implementations of the models.

黄益民,平玲娣,潘雪增

DOI: https://doi.org/10.3785/j.issn.1008-973x.2001.06.005

2001-01-01

Abstract:After study of existing security models; analysis of information flow model, Bell-LaPadula(BLP) access control model and Biba access control model; and collation and comparison of their advantages and disadvantages, an improved model is put forward that satisfies the actual demands of information security. An implementation strategy is put forward that ensures information security, reliability, practicality and compatibility in the designed security system. An implementation scheme of this security system and its components and functions is provided. This system combines the following functions: mandatory access contro1, privilege separation, security audit, identity authentication and self-protection. It achieves the level 3 of national information security standard and level B1 of TCSEC standard. It was implemented in the Windows NT and Linux operating system and has yielded good resultsin application.

CH Fang,W Peng,XZ Ye,SY Zhang

DOI: https://doi.org/10.1109/cscwd.2005.194248

2007-01-01

Journal of Software

Abstract:Access control is one of the key steps to ensuring the availability, confidentiality and integrity of system resources. While it has been fully applied in various network systems, it's still relatively new for collaborative CAD. This paper provides a new framework of multi-level access control for collaborative CAD based on hierarchical product modeling. A layered privilege model (LPM) has been developed to provide multi-granularity access permissions in the part level and feature level. An extended hierarchy role-based access control (EHRBAC) is implemented, integrated with LPM and common Hierarchy RBAC, to provide hierarchical access control of collaborative feature modeling in the component/part level and design feature level. Mesh simplification techniques are used to create variable level-of-detail for individual features.

曾璎珞,潘雪增,陈健

DOI: https://doi.org/10.3969/j.issn.1000-3428.2010.10.052

2010-01-01

Abstract:This paper proposes a dynamic security access control model based on system reliability,so as to improve the flexibility of combination among multiple security access control strategies,and to ensure system security and practicality.The model can choose the proper kind of combination among the security access control strategies dynamically in order to deal with different system states and improve the whole system performance.Experimental results prove that this model makes the multiple strategies control more flexible,ensures the system security,and improves practicality of the system.

CHEN Hui,ZHOU Xue-Hai,CHEN Xiang-Lan

DOI: https://doi.org/10.3969/j.issn.1003-3254.2010.12.003

2010-01-01

Abstract:Security is always a hot topic with the development of computer technologies.Currently,mechanisms like active defense,detection and anti-detection are proposed.They could be implemented on different levels such as application-level and kernel-level in the system.We manage to go to the system-level.Linux owns mature security-enhanced version SELinux.For Windows,we focus on mandatory access control and propose a mechanism with improved efficiency,compatibility and stability.

Tieming Chen,Zhenbo Yu,Shijian Li,Bo Chen

DOI: https://doi.org/10.1155/2016/8797568

IF: 2.336

2016-01-01

Journal of Sensors

Abstract:Model checking has successfully been applied on verification of security protocols, but the modeling process is always tedious and proficient knowledge of formal method is also needed although the final verification could be automatic depending on specific tools. At the same time, due to the appearance of novel kind of networks, such as wireless sensor networks (WSN) and wireless body area networks (WBAN), formal modeling and verification for these domain-specific systems are quite challenging. In this paper, a specific and novel formal modeling and verification method is proposed and implemented using an expandable tool called PAT to do WSN-specific security verification. At first, an abstract modeling data structure for CSP#, which is built in PAT, is developed to support the nodemobility related specification for modeling location-based node activity. Then, the traditional Dolev Yao model is redefined to facilitate modeling of location-specific attack behaviors on security mechanism. A throughout formal verification application on a location-based security protocol in WSN is described in detail to show the usability and effectiveness of the proposed methodology. Furthermore, also a novel location-based authentication security protocol in WBAN can be successfully modeled and verified directly using our method, which is, to the best of our knowledge, the first effort on employing model checking for automatic analysis of authentication protocol for WBAN.

YANG Zhi,YIN Li-Hua,DUAN Mi-Yi,WU Jin-Yu,JIN Shu-Yuan,GUO Li

DOI: https://doi.org/10.3724/sp.j.1001.2012.04083

2012-01-01

Journal of Software

Abstract:Dynamically adjusting the security label of each subject is a main approach to improving the availability of MAC models.It includes the method of security label range and the method of taint propagation.The former lacks the support for a less proviledge subject,and the latter has a known covert channels.In this paper,a model called generalized taint propagation model(GTPM) is proposed to protect the confidentiality and integrity of operating systems.It inherits the least privilege characteristic of taint propagation model(TPM),expands the semantics of TPM to close the known covert channels,and introduces declassification and decontamination capacities of subjects to avoid accumulating contamination.The paper also introduces its specification using communicating sequential processes(CSP) language to clear the formal semantics of a GTPM operating system's behaviors of information flow control;Moreover,the study noninterference with declassification in CSP verification model of process equivalence,and proves that abstract GTPM system have the security property of noninterference with declassification in virtue of FDR tool.Finally,this paper uses an example to demonstrate its improvement of availability.

Xin YANG,Hui LI,Jiangxing WU,Peng YI

DOI: https://doi.org/10.1360/ssi-2019-0224

2020-01-01

Abstract:Cyber mimic defenses have recently emerged as a dynamic heterogeneity redundancy architecture, which adjust the asymmetry between defenders and attackers by reconfiguring the system according to the network scenario. Some studies have investigated the effectiveness of security models, however, there is still a lack of convincing and practical methods to assess CMD networks quantitatively. Thus, in this paper, we propose a two-dimension model that calculates those details as a digital result to compare different CMD networks. In addition, the proposed method demonstrates good scalability in different networks. Specifically, in the first dimension, i.e., attacking a single node, we elaborate on system configurations and employ the Generalized Stochastic Petri net model to capture the effectiveness of different behaviors from gamers. To quantify the impacts of those behaviors, we parameterized them using a Poisson process, common vulnerabilities and exposures, and the common vulnerability scoring system. In the second dimension, we adopt Markov chains and the Martingale theory to analyze the attack process along the attack chain. Finally, security metrics and countermeasures under different scenarios are presented to verify the effectiveness of CMD, which provides some guidance for designing future systems with acceptable cost.

Kuangyi ZENG,Jinxiang ZHANG,Jiahai YANG

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.11.050

2006-01-01

Abstract:A new model for policy refinement is presented at the application background of CERNET.Using the properties of access control list(ACL) in this model,the policies described in different specification languages are mapped into access control lists,which are distributed to different network devices to enforce.Thus,the complex transformation logic in traditional policy refinement fashion is simplified,especially,security and access control configuration management can be automated

Zheng Xiao-lin,Lei Yu,Chen De-ren

DOI: https://doi.org/10.1007/s11460-006-0089-x

2006-01-01

Frontiers of Electrical and Electronic Engineering in China

Abstract:An integrated user access control method was proposed to address the issues of security and management in networked manufacturing systems (NMS). Based on the analysis of the security issues in networked manufacturing system, an integrated user access control method composed of role-based access control (RBAC), task-based access control (TBAC), relationship-driven access control (RDAC) and coalition-based access control (CBAC) was proposed, including the hierarchical user relationship model, the reference model and the process model. The elements and their relationships were defined, and the expressions of constraints authorization were given. The extensible access control markup language (XACML) was used to implement this method. This method was used in the networked manufacturing system in the Shaoxing spinning region of China. The results show that the integrated user access control method can reduce the costs of system security maintenance and management.

蒋屹新,林闯,曲扬,尹浩

2004-01-01

Ruan Jian Xue Bao/Journal of Software

Abstract:Model-Checking is a formal verified technique to check on whether a computing model, by searching the model state spaces, satisfies a given property described by an appropriate temporal logic. The main drawback of model checking, the explosion problem of state spaces, is mainly caused by concurrence and the interleaving semantics used to represent any sequences of possible actions. In this paper, the correlative model-checking theory and techniques based on Petri Nets are investigated in detailed, especially about the following problems, i.e. partial order reduction and partial order semantics techniques based on the state reachability graph, Buchi automata method, state cohesion method based on Petri Nets, and symbolic and parametriesed model-checking techniques based on system symmetries. Moreover, the key idea and our main researching work in the future are listed. With the gradual improvement of reducing techniques of state space and optimization of model-checking algorithm, model-checking technique has been successfully applied to verify communication protocols and complex hardware logic circuits, and also takes on a wide application prospect in other fields.

JIANG Yang,LUO Gui-ming

2007-01-01

Journal of Computer Applications

Abstract:Petri-net is a precise mathematic model which is suitable to describe concurrency,synchronism and non-determinism,and it has been widely used in the design of software/hardware systems.In this paper,we extended the basic simple Petri-net,advanced MCPN(Petri-net for model checking) which is more suitable for model checking,and transformed MCPN models into PROMELA — the input language of model checker SPIN.Then we can use the SPIN tools to do the model checking work in order to enhance the reliability of system design.We considered simultaneous firing of sets of transitions(Transitions in the set have no conflict with each other).Also we developed a method to handle the fairness problem effectively.Finally our approach is exemplified by a case study.

Vincent C. Hu,D. Richard Kuhn,Tao Xie

DOI: https://doi.org/10.1109/euc.2008.22

2008-01-01

Abstract:To formally and precisely capture the security properties that access control should adhere to, access control models are usually written to bridge the rather wide gap in abstraction between policies and mechanisms. In this paper, we propose a new general approach for property verification for access control models. The approach defines a standardized structure for access control models, providing for both property verification and automated generation of test cases. The approach expresses access control models in the specification language of a model checker and expresses generic access control properties in the property language. Then the approach uses the model checker to verify these properties for the access control models and generates test cases via combinatorial covering array for the system implementations of the models.

Li Wei,Cai Zhongmin,Xiaohong Guan

DOI: https://doi.org/10.3321/j.issn:0253-987x.2006.10.001

2006-01-01

Abstract:An analysis method of Internet architecture security is presented by introducing the concept of access relations and access streams to show that the access control is a procedure to reduce access relations according to certain security policies in the traditional network access control. On the basis of the concept, a new scheme of data classification is proposed based on real and anonymous addresses and network addresses of the control and application data. A set of the corresponding global access control rules is established under the conditions of the openness and manageability of the uniform network, security and user privacy. The analysis of the scheme shows that the proposed method reduces access relations significantly, and the level of the Internet architecture security is increased wholly.

LIU Wei-peng,HU Jun,LV Hui-jun,LIU Yi

DOI: https://doi.org/10.3969/j.issn.1000-3428.2008.07.056

2008-01-01

Abstract:This paper analyses the main design idea of Linux Security Module(LSM) and the problem of the intrinsic access control mechanism of Linux executable program, and discusses the design of Mandatory Access Control(MAC) mechanism of executable program based on LSM. As the demonstration, it implements a MAC system prototype based on Linux kernel 2.6.11. The illumination that how to implement MAC of executable program in operating system is given.

C Cao,J Lu

DOI: https://doi.org/10.1109/icdcsw.2005.19

2005-01-01

Abstract:To solve the security issues in a mobile agent system, the access control is always employed. Existing access control models enable the agent's identity, trust and other information to influence the security decisions. We argue that the path, which a mobile agent travels along, should be taken into consideration and affect what the agent can do dynamically. An access control model is proposed in this paper which captures the path history of the agent and reaches a decision according to both whether the path matches a path pattern set and whether the path can follow a host patch set. The flexibility of this model is shown and some issues in implementing such a model are discussed as well.

Ran Yang,Chuang Lin,Fujun Feng

DOI: https://doi.org/10.4304/jcp.4.6.510-518

2009-01-01

Journal of Computers

Abstract:Access control is one of the most important technologies to guarantee computer security. A new model with support for valid time and usage constraint is described based on full analysis of flaws in existing models. In the new model, authorization rules can express access control policies completely and access constraints are necessary conditions to prevent authorization abuse. To solve the problems in implementation of the model, a sound scheme for administration of authorizations is proposed and some access decision algorithms are developed.

Jianming Shi,Tao Feng,Lu Zheng,Yi Wu

DOI: https://doi.org/10.3390/sym16121612

2024-12-06

Symmetry

Abstract:The NC-Link protocol, as an integrated communication protocol in the Computerized Numerical Control (CNC) machine tool industry, has drawn significant attention regarding its security since its inception. Although there have been studies proposing improvements to address security issues related to key management and message transmission, systematic security analysis of the protocol remains relatively weak. To better investigate and enhance the security of the NC-Link protocol, our research introduces a formal modeling and analysis method based on Colored Petri Nets (CPN). By establishing a CPN model of the protocol, we analyze the security issues present during communication and propose improvement measures for verification and analysis. First, we developed a CPN model for the NC-Link protocol and verified the model's feasibility through simulation analysis. Subsequently, we introduced an attacker model to analyze the protocol's authentication interaction process, revealing security issues, such as authentication vulnerabilities and key management flaws. Finally, we proposed an improved scheme addressing these issues and conducted a security validation and cost analysis of this scheme. The results show that the improved protocol reduces the computational overhead by 75% during the connection and interaction phases. This indicates that the improved protocol can achieve interactions at a faster speed while maintaining higher security and reliability. The implementation of this scheme provides new reference ideas for related research.

multidisciplinary sciences