Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Method for verifying security model of computer system

A computer system and security model technology, applied in computer security devices, computing, digital data authentication, etc., can solve the problems of model state explosion, inability to reflect the dynamic properties of security models, and lack of timing behavior determination of security models, and improve the degree of automation. , the effect of verification ability improvement

Inactive Publication Date: 2011-09-21
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF5 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method tries to analyze the security model by using mature automatic analysis tools for model checking. However, its modeling method is completed manually by the verifier, which requires very familiarity with the model checking technology, otherwise a slight negligence will lead to the failure of the constructed model. The problem with state explosion
The third type of method uses the UML language familiar to developers to describe the security model. This method can only construct the static structure of the security model at present, and cannot reflect the dynamic attributes of the security model. The timing behavior of the model is judged

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for verifying security model of computer system
  • Method for verifying security model of computer system
  • Method for verifying security model of computer system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] The input of the present invention is a computer system security model and security attributes to be verified. The input information is divided into two parts, one part comes from the computer system security model that will be implemented or has been implemented in development, it can come from any computer software system and equipment that needs security enhancement, such as hosts, servers, intrusion detection systems, routers, Firewall and so on. The input models obtained after formal abstraction and extraction of security mechanisms on these devices can be used as input information of the present invention. The other part comes from the security requirements of these systems and equipment or the security attributes that should be met, such as confidentiality and data integrity. The above information requirements are complete and comprehensive, the more complete the information, the more accurate the verification results. Through the layer-by-layer processing and ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for verifying a security model of a computer system, and belongs to the technical field of security of an operating system. The method provided by the invention comprises the steps: (1) an ML (modeling language) modeling module describes the dynamic and the static attributes of a security model of a computer system by adopting of a UML (unified modeling language) description language to obtain the UML model of the security model of the computer system; (2) a security attribute to be verified is described through a mathematical logical formula adopted by a preset formal verification tool; (3) the UML model is converted into an input model, capable of being processed by the preset formal verification tool, through a UML model conversion module; and (4) state traversal is performed on the input model through the preset formal verification tool, the satisifiability of the formula obtained in the step (2) on each state is calculated, and verified results are output. By means of the invention, the automation degree of verification and the verification capability are improved, and at the same time, the structural defects of the security model per se and the condition of violation of a time sequence attribute can be verified.

Description

technical field [0001] The invention belongs to the technical field of operating system security, and in particular relates to a computer system security model verification method. Background technique [0002] With the rapid development of computer technology and communication technology and the continuous increase of user needs, computer operating systems, as the underlying software of various applications, are increasingly dependent on them. However, while enjoying the powerful functions and convenience brought by computing technology and the accompanying network communication technology, people are also facing increasingly severe information security situation. Introducing a security model in the system design stage can root out the opportunities left to hackers due to design flaws. Therefore, how to verify whether the security model adopted by a computer system is correct or not has become a research hotspot in the field of computer security. Formal technology has rece...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/00G06F21/30
Inventor 张阳程亮冯登国
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com