model based security
play

Model-Based Security M. Ochoa Verification and Testing for F. - PowerPoint PPT Presentation

Jan 04, 2024 •185 likes •356 views

Model-Based Security M. Ochoa Verification and Testing for F. Bouquet Smart-Cards J. Bottela E.Fourneret J.Jurjens P. Yousefi ARES 2011 OUTLINE Introduction Background UMLsec Model-based Testing Security in smart-card

  1. Model-Based Security M. Ochoa Verification and Testing for F. Bouquet Smart-Cards J. Bottela E.Fourneret J.Jurjens P. Yousefi ARES 2011

  2. OUTLINE • Introduction • Background • UMLsec • Model-based Testing • Security in smart-card life-cycles • Correct security testing • Validation E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 2

  3. Research question? Security by design MBT Can we unify these two approaches? (to some extent) E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 3

  4. Background: UMLsec UMLsec is a lightweight extension of UML by means of stereotypes and tagged values. • Formally well-founded (based on a formalization of a fragment of UML). • Supports a collection of different security verification techniques across UML system views. • Tool supported . E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 4

  5. Background: UMLsec Satisfies property P? UML UML system system Model Model Counterexample UMLsec extends Class, Sequence, Activity, Statechart and Deployment diagrams and allows to verify Dolev-Yao cryptography, Non-interference and RBAC among others. There is tool support for most of the UMLsec stereotypes. E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 5

  6. Background: MBT with Schemas Generated test conform UML UML to model prediction? Model of Model of + Schemas Expected Expected behavior behavior !!! • Automated test generation from security properties to testing needs using schemas • Ensure security property coverage • Traceability between generated tests and security property E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 6

  7. Background: MBT with Schemas Schema Language: Allows a straightforward, imperative-programming- like definition of Test Schemas, from which automatic test sequences can be generated. For example: E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 7

  8. Security in Smart-card Life-cycle A smart-card has typically a well-defined life-cycle, that ranges from pre-deployment to active and eventually to a locked-status or a terminated status where is not possible to use the card any more. E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 8

  9. Security in Smart-card Life-cycle Example: Global Platform Specification v 2.1.1 on the Card Life Cycle Scope E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 9

  10. Security in Smart-card Life-cycle Natural security requirements on the life-cycle to prevent D.O.S attacks: E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 10

  11. Correct security testing Main ideas: • Is the expected behaviour, as described by the models in MBT already trivially violating the security properties to be tested? • Can we improve the quality of the MBT by using the UMLsec philosophy? • Can we also automatically generate schemas from this analysis? E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 11

  12. Correct security testing UMLsec new stereotypes for Security Properties 1 and 2 on statecharts: <<locked-status>> together with tag {status} specifies a status (node) in the statechart that should not have outgoing transitions to other nodes. <<authorized>> together with tags {status} and {permission} checks that all transitions to a given node contain a given permission check in their guard. E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 12

  13. Correct security testing From the testing perspective, we can express the security properties as hoare triples {P} S {Q} where P and Q are FOL formulas quantifying over system variables and S is a set of system commands. For example: Locked-status: Authorized: E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 13

  14. Validation Automatically verified some violating models of the GP v 2.1.1 card life- cycle E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 14

  15. Validation Generated schema: Using the schema we have generated13 tests. E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 15

  16. CONCLUSION AND FUTURE WORK - Take into account the evolution aspect i.e - Specification can evolve thus the model and/or - The security property can evolve - Schema language extensions - Methods and tools’ evaluation on other systems and for other security properties. - Integration of tool support E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 16

  17. Questions? 17 E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’

Recommend

Widget security model based on MIDP and Web Application based on a security model with TLS/SSL

Widget security model based on MIDP and Web Application based on a security model with TLS/SSL

Widget security model based on MIDP and Web Application based on a security model with TLS/SSL and XMLDsig Claes Nilsson Technology Area Group Leader Web Browsing Marcus Liwell Technology Area Group Leader Security and DRM Rev 1

576 views • 12 slides
Model-based Security Security: ganzheitliche Engineering Eigenschaft: Jan Jrjens

Model-based Security Security: ganzheitliche Engineering Eigenschaft: Jan Jrjens

2 Herausforderung: Security Model-based Security Security: ganzheitliche Engineering Eigenschaft: Jan Jrjens Sicherheits-Mechanismen umgehen statt brechen. Sichere Systems aus Computing Department unsicheren Komponenten ? The

314 views • 6 slides
Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The

Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The

Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The Open University, GB http://www.umlsec.org Challenge: Security Security is holistic property: Attackers often circumvent (not: break) mechanisms.

639 views • 36 slides
SECTET SECTET Model driven Security of Service Oriented Systems y y based on Security as

SECTET SECTET Model driven Security of Service Oriented Systems y y based on Security as

Japan-Austria Joint Workshop on ICT October 18-19 2010, Tokyo, Japan SECTET SECTET Model driven Security of Service Oriented Systems y y based on Security as a Service Basel Katt , Ruth Breu, Mukhtiar Memon and Michael

646 views • 26 slides
SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security Training FISSEA Conference March 19, 2014 Pat Toth Penny Klein Computer Security Division Systegra Information Technology Laboratory NATIONAL

750 views • 40 slides
eDocument Security Awareness Model 2. eDocument Security Awareness Model THE EDOCUMENT SECURITY

eDocument Security Awareness Model 2. eDocument Security Awareness Model THE EDOCUMENT SECURITY

eDocument Security Awareness Model 2. eDocument Security Awareness Model THE EDOCUMENT SECURITY AWARENESS MODEL (ESAM) IS A SELF-ASSESSMENT TOOL GOAL OF THE EDOCUMENT SECURITY AWARENESS MODEL: Help governments with their secure document

579 views • 28 slides
Sample or Random Security A Security Model for Segment-Based Visual Cryptography Sebastian

Sample or Random Security A Security Model for Segment-Based Visual Cryptography Sebastian

Sample or Random Security A Security Model for Segment-Based Visual Cryptography Sebastian Pape Dortmund Technical University March 5th, 2014 Financial Cryptography and Data Security 2014 Sebastian Pape Sample or Random Security March

541 views • 25 slides
A Model for Performance Based Method for Designing a PPS Garima Sharma Safety and Security

A Model for Performance Based Method for Designing a PPS Garima Sharma Safety and Security

A Model for Performance Based Method for Designing a PPS Garima Sharma Safety and Security Studies Division, Nuclear Controls and Planning Wing Department of Atomic Energy, Mumbai, India 400001 Email: garimas@dae.gov.in Black Swan Event

184 views • 15 slides
How to capture, model, and verify the knowledge of legal, security, and privacy experts: a

How to capture, model, and verify the knowledge of legal, security, and privacy experts: a

Universit degli Studi di Trento How to capture, model, and verify the knowledge of legal, security, and privacy experts: a pattern-based approach L. Compagna, P. El Khoury F. Massacci , N. Zannone R. Thomas Security Research Dept.

357 views • 14 slides
Availability Policies Chapter 7 Computer Security: Art and Science , 2 nd Edition Version 1.1

Availability Policies Chapter 7 Computer Security: Art and Science , 2 nd Edition Version 1.1

Availability Policies Chapter 7 Computer Security: Art and Science , 2 nd Edition Version 1.1 Slide 7-1 Outline Goals Deadlock Denial of service Constraint-based model State-based model Networks and flooding

971 views • 63 slides
Security model for hybrid token-based networking models By Rudy Borgstede Contents

Security model for hybrid token-based networking models By Rudy Borgstede Contents

Security model for hybrid token-based networking models By Rudy Borgstede Contents Project Background Complex Resource Provisioning and Token-Based Networking Token Validation Service, the Java Aaauthreach project

504 views • 21 slides
A Security Model for Space Based Communication Thom Stone Computer Sciences Corporation Prolog

A Security Model for Space Based Communication Thom Stone Computer Sciences Corporation Prolog

A Security Model for Space Based Communication Thom Stone Computer Sciences Corporation Prolog Everything that is not forbidden is compulsory -T.H. White They are after you Monsters in the Closet Virus Trojans Denial

748 views • 28 slides
Multiagent System-based Verification of Security and Privacy Ioana Boureanu Imperial College

Multiagent System-based Verification of Security and Privacy Ioana Boureanu Imperial College

Model Checking Multiagent Systems MAS for Security Multiagent System-based Verification of Security and Privacy Ioana Boureanu Imperial College London Department of Computing September 2015 logo Model Checking Multiagent Systems MAS for

567 views • 46 slides
A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech

A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech

A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech University April 2017 Contents Motivation Introduction Contributions Why Answer Set Programming ? Running Example

449 views • 30 slides
Institute for Cyber Security An Attribute-Based Protection Model for JSON Documents Prosunjit

Institute for Cyber Security An Attribute-Based Protection Model for JSON Documents Prosunjit

Institute for Cyber Security An Attribute-Based Protection Model for JSON Documents Prosunjit Biswas, Ravi Sandhu and Ram Krishnan Department of Computer Science Department of Electrical and Computer Engineering 10th International Conference

210 views • 18 slides
1 Outline Problem Setting Instance-Based vs. Model-Based Model-Based Algorithms

1 Outline Problem Setting Instance-Based vs. Model-Based Model-Based Algorithms

1 Outline Problem Setting Instance-Based vs. Model-Based Model-Based Algorithms Estimation of Distribution Algorithms (EDAs) Cross-Entropy (CE) Method Model Reference Adaptive Search (MRAS) Convergence of MRAS

367 views • 34 slides
Web Security: Basic Web Security Model [continued] Spring

Web Security: Basic Web Security Model [continued] Spring

CSE 484 / CSE M 584: Computer Security and Privacy Web Security: Basic Web Security Model [continued] Spring 2015 Franziska (Franzi) Roesner

510 views • 18 slides
Usable Security of Named Data Networking Yingdi Yu 1 Traditional communication model of

Usable Security of Named Data Networking Yingdi Yu 1 Traditional communication model of

Usable Security of Named Data Networking Yingdi Yu 1 Traditional communication model of Internet Speaking to a host end-to-end channel Communication security container-based authenticity: X.509, Certificate

678 views • 57 slides
1 Model-Based Classification Model-Based Classification Model-based approach Build a

1 Model-Based Classification Model-Based Classification Model-based approach Build a

Machine Learning CSE 473: Artificial Intelligence Nave Bayes Up until now: how use a model to make optimal decisions Machine learning: how to acquire a model from data / experience Learning parameters (e.g. probabilities)

628 views • 8 slides
The Biba Model contd Security with respect to integrity in the Biba model is described by

The Biba Model contd Security with respect to integrity in the Biba model is described by

The Biba Model contd Security with respect to integrity in the Biba model is described by the following two axioms: Simple security property: Writing information to an object o by a subject s requires that SC(s) dominates SC(o) (no

690 views • 43 slides
Robustness of model-based control Emo Todorov Roboti LLC University of Washington Model-based

Robustness of model-based control Emo Todorov Roboti LLC University of Washington Model-based

Robustness of model-based control Emo Todorov Roboti LLC University of Washington Model-based control already works on complex dynamical systems Abbeel et al, IJRR 2010 nominal model physics model predictive control Williams et al, ICRA

251 views • 10 slides
The Network Network Security Secure against what/whom Security goals Attacker model Same

The Network Network Security Secure against what/whom Security goals Attacker model Same

The Network Network Security Secure against what/whom Security goals Attacker model Same hub `trusted LAN Internet Eavesdrop / block messages / insert messages / ... Typical attacker model security protocol analysis: Attacker

780 views • 63 slides
From the Ground Up Security DNS-based Security of the

From the Ground Up Security DNS-based Security of the

From the Ground Up Security DNS-based Security of the Internet Infrastructure Benno Overeinder NLnet Labs http://www.nlnetlabs.nl/ INTRO NLnet

795 views • 28 slides
Context-based Parametric Relationship Model (CPRM) to Measure the Security and QoS tradeoff in

Context-based Parametric Relationship Model (CPRM) to Measure the Security and QoS tradeoff in

Context-based Parametric Relationship Model (CPRM) to Measure the Security and QoS tradeoff in Configurable Environments Ana Nieto Javier Lopez nieto@lcc.uma.es jlm@lcc.uma.es www.nics.uma.es/nieto www.nics.uma.es/lopez University of Malaga

638 views • 16 slides

More recommend