Formal Specification and Analysis of the MIDP 3.0 Security Model

2009 ◽  
Author(s):  
Gustavo Mazeikis ◽  
Gustavo Betarte ◽  
Carlos Luna
Keyword(s):  
Formal Specification ◽  
Security Model

scholarly journals A formal approach for the verification of the permission-based security model of Android

2018 ◽  
Vol 21 (2) ◽  
Author(s):  
Carlos Luna ◽  
Gustavo Betarte ◽  
Juan Campo ◽  
Camila Sanz ◽  
Maximiliano Cristiá ◽  
...  
Keyword(s):  
Formal Specification ◽  
Control Policy ◽  
Proof Assistant ◽  
Security Model ◽  
Access Control Policy ◽  
Formal Approach ◽  
Fundamental Properties ◽  
The Coq Proof Assistant ◽  
Coq Proof Assistant ◽  
Security Properties

This article reports on our experiences in applying formal methods to verify the security mechanisms of Android. We have developed a comprehensive formal specification of Android's permission model, which has been used to state and prove properties that establish expected behavior of the procedures that enforce the defined access control policy. We are also interested in providing guarantees concerning actual implementations of the mechanisms. Therefore we are following a verification approach that combines the use of idealized models, on which fundamental properties are formally verified, with testing of actual implementations using lightweight model-based techniques. We describe the formalized model, present security properties that have been proved using the Coq proof assistant and propose the use of a certified algorithm for performing verification activities such as monitoring of actual implementations of the platform and also as a testing oracle.

Formal Specification and Design

1992 ◽  
Author(s):  
L. M. G. Feijs ◽  
H. B. M. Jonkers
Keyword(s):  
Formal Specification

Security of Cyber-Physical Systems: A Generalized Algorithm for Intrusion Detection and Determining Security Robustness of Cyber Physical Systems using Logical Truth Tables

2013 ◽  
Vol 9 ◽  
Author(s):  
Curtis G. Northcutt
Keyword(s):  
Intrusion Detection ◽  
Cyber Security ◽  
Logical Truth ◽  
Cyber Physical Systems ◽  
Security Model ◽  
Security Measures ◽  
Physical Systems ◽  
Multiple Signal ◽  
Security Attack ◽  
Truth Tables

The recent proliferation of embedded cyber components in modern physical systems [1] has generated a variety of new security risks which threaten not only cyberspace, but our physical environment as well. Whereas earlier security threats resided primarily in cyberspace, the increasing marriage of digital technology with mechanical systems in cyber-physical systems (CPS), suggests the need for more advanced generalized CPS security measures. To address this problem, in this paper we consider the first step toward an improved security model: detecting the security attack. Using logical truth tables, we have developed a generalized algorithm for intrusion detection in CPS for systems which can be defined over discrete set of valued states. Additionally, a robustness algorithm is given which determines the level of security of a discrete-valued CPS against varying combinations of multiple signal alterations. These algorithms, when coupled with encryption keys which disallow multiple signal alteration, provide for a generalized security methodology for both cyber-security and cyber-physical systems.

Sign in / Sign up

Export Citation Format

Share Document