Heuristics for Safety and Security Constraints

Bibliographic Details
Published in: Electronic notes in theoretical computer science Vol. 172; pp. 523 - 543
Main Authors: Nielson, Flemming, Riis Nielson, Hanne
Format: Journal Article
Language: English
Published: Elsevier B.V 01-04-2007
Description
Summary: The flow logic approach to static analysis amounts to specifying the admissibility of solutions to analysis problems; when specified using formulae in stratified alternation-free least fixed point logic one may use efficient algorithms for computing the least admissible solutions. We extend this scenario to validate the fulfilment of safety and security constraints on admissible solutions; the modified development produces a least solution together with a boolean value indicating whether or not the constraints are validated or violated. The main contribution is the development of a deterministic heuristics for obtaining a solution that is close to the least solution while enforcing the safety or security constraints. We illustrate it on the Bell-LaPadula mandatory access control policy where the heuristics is used to suggest modifications to the security annotations of entities in order for the security policy to hold.
ISSN: 1571-0661
DOI: 10.1016/j.entcs.2007.02.018