Test Generation for Network Security Rules

Darmaillacq, V.; Fernandez, Jean-Claude; Groz, Roland; Mounier, Laurent; Richier, Jean-Luc

doi:10.1007/11754008_22

Cited by 21 publications

(19 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…For such services, naturally subject to malicious attacks, methods to certify their security are crucial. In this context there has been many research to develop formal methods for the design of secure systems and a growing interest in the formal verification of security properties [3,15,19] and in their model-based testing [8,11,17,18,23]. This line of research therefore complete at the computational level the large amount of work on cryptography and cryptographic protocols.…”

Section: Introductionmentioning

confidence: 99%

Synthesis of opaque systems with static and dynamic masks

Cassez

Dubreil

Marchand

2012

Form Methods Syst Des

131

View full text Add to dashboard Cite

Opacity is a security property formalizing the absence of secret information leakage and we address in this paper the problem of synthesizing opaque systems. A secret predicate S over the runs of a system G is opaque to an external user having partial observability over G, if s/he can never infer from the observation of a run of G that the run belongs to S. We choose to control the observability of events by adding a device, called a mask, between the system G and the users. We first investigate the case of static partial observability where the set of events the user can observe is fixed a priori by a static mask. In this context, we show that checking whether a system is opaque is PSPACE-complete, which implies that computing an optimal static mask ensuring opacity is also a PSPACE-complete problem. Next, we introduce dynamic partial observability where the set of events the user can observe changes over time and is chosen by a dynamic mask. We show how to check that a system is opaque w.r.t. to a dynamic mask and also address the corresponding synthesis problem: given a system G and secret states S, compute the set of dynamic masks under which S is opaque. Our main result is that the set of such masks can be finitely represented and can be computed in EXPTIME and this is a lower bound. Finally we also address the problem of computing an optimal mask.

show abstract

Section: Introductionmentioning

confidence: 99%

Synthesis of opaque systems with static and dynamic masks

Cassez

Dubreil

Marchand

2012

Form Methods Syst Des

131

View full text Add to dashboard Cite

show abstract

“…For such services, naturally subject to malicious attacks, methods to certify their security are crucial. In this context there has been many research to develop formal methods for the design of secure systems and a growing interest in the formal verification of security properties [16,3,12] and in their model-based testing [20,15,6,14,10]. Security properties are generally divided into three categories: integrity, availability and confidentiality.…”

Section: Introductionmentioning

confidence: 99%

Dynamic Observers for the Synthesis of Opaque Systems

Cassez

Dubreil

Marchand

2009

Automated Technology for Verification and Analysis

View full text Add to dashboard Cite

In this paper, we address the problem of synthesizing opaque systems. A secret predicate S over the runs of a system G is opaque to an external user having partial observability over G, if s/he can never infer from the observation of a run of G that the run belongs to S. We first investigate the case of static partial observability where the set of events the user can observe is fixed a priori. In this context, we show that checking whether a system is opaque is PSPACE-complete, which implies that computing an optimal static observer ensuring opacity is also a PSPACE-complete problem. Next, we introduce dynamic partial observability where the set of events the user can observe changes over time. We show how to check that a system is opaque w.r.t. to a dynamic observer and also address the corresponding synthesis problem: given a system G and secret states S, compute the set of dynamic observers under which S is opaque. Our main result is that the set of such observers can be finitely represented and can be computed in EXPTIME.Key-words: security, confidentiality property, opacity, synthesis, dynamic observation Observateurs dynamiques pour la synthèse de systèmes opaques Résumé : Dans cette article, nous nous intéressonsà la synthèse de systèmes opaques. Un prédicat S sur les exécutions d'un système G est opaque visà vis d'un utilisateur, observant partiellement le système, si celui-ci ne peut jamais déduire des traces observées que l'exécution courante appartientà S. Dans un premier temps, nous nous intéressons au cas où le sous-ensemble desévénements que l'attaquant peut observer est fixe. Dans ce cadre, nous montrons que la vérification de l'opacité est PSPACE complète. Dans un deuxième temps, nous introduisons la notion d'observation partielle dynamique qui traduit le fait que l'ensemble desévénements que l'attaquant peut observer varie avec le temps. Nous montrons comment vérifier l'opacité sur un système visà vis d'un observateur dynamique et considéronségalement le problème de synthèse associé:étant donné un système G et un secret S, calculer l'ensemble des observateurs dynamiques pour lesquels S est opaque. Nous montrons ainsi que cet ensemble peutêtre représenté de manière fini avec une complexité de calcul EXPTIME.

show abstract

“…This works extends some preliminary descriptions on this technique [3,4] in several directions: first we try to demonstrate that it is general enough to support several logical formalisms, then we apply it for the well-known LTL temporal logic, and finally we evaluate it on a small case study using a prototype tool under development.…”

Section: Introductionmentioning

confidence: 80%

A Compositional Testing Framework Driven by Partial Specifications

Falcone

Fernandez

Mounier

et al. 2007

Testing of Software and Communicating Systems

Self Cite

View full text Add to dashboard Cite

Abstract. We present a testing framework using a compositional approach to generate and execute test cases. Test cases are generated and combined with respect to a partial specification expressed as a set of requirements and elementary test cases. These approach and framework are supported by a prototype tool presented here. The framework is presented here in its LTL-like application, besides other specification formalisms can be added.

show abstract

Test Generation for Network Security Rules

Cited by 21 publications

References 8 publications

Synthesis of opaque systems with static and dynamic masks

Synthesis of opaque systems with static and dynamic masks

Dynamic Observers for the Synthesis of Opaque Systems

A Compositional Testing Framework Driven by Partial Specifications

Contact Info

Product

Resources

About