model based security
play

Model-Based Security M. Ochoa Verification and Testing for F. - PowerPoint PPT Presentation

Jan 04, 2024 •185 likes •356 views

Model-Based Security M. Ochoa Verification and Testing for F. Bouquet Smart-Cards J. Bottela E.Fourneret J.Jurjens P. Yousefi ARES 2011 OUTLINE Introduction Background UMLsec Model-based Testing Security in smart-card

  1. Model-Based Security M. Ochoa Verification and Testing for F. Bouquet Smart-Cards J. Bottela E.Fourneret J.Jurjens P. Yousefi ARES 2011

  2. OUTLINE • Introduction • Background • UMLsec • Model-based Testing • Security in smart-card life-cycles • Correct security testing • Validation E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 2

  3. Research question? Security by design MBT Can we unify these two approaches? (to some extent) E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 3

  4. Background: UMLsec UMLsec is a lightweight extension of UML by means of stereotypes and tagged values. • Formally well-founded (based on a formalization of a fragment of UML). • Supports a collection of different security verification techniques across UML system views. • Tool supported . E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 4

  5. Background: UMLsec Satisfies property P? UML UML system system Model Model Counterexample UMLsec extends Class, Sequence, Activity, Statechart and Deployment diagrams and allows to verify Dolev-Yao cryptography, Non-interference and RBAC among others. There is tool support for most of the UMLsec stereotypes. E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 5

  6. Background: MBT with Schemas Generated test conform UML UML to model prediction? Model of Model of + Schemas Expected Expected behavior behavior !!! • Automated test generation from security properties to testing needs using schemas • Ensure security property coverage • Traceability between generated tests and security property E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 6

  7. Background: MBT with Schemas Schema Language: Allows a straightforward, imperative-programming- like definition of Test Schemas, from which automatic test sequences can be generated. For example: E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 7

  8. Security in Smart-card Life-cycle A smart-card has typically a well-defined life-cycle, that ranges from pre-deployment to active and eventually to a locked-status or a terminated status where is not possible to use the card any more. E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 8

  9. Security in Smart-card Life-cycle Example: Global Platform Specification v 2.1.1 on the Card Life Cycle Scope E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 9

  10. Security in Smart-card Life-cycle Natural security requirements on the life-cycle to prevent D.O.S attacks: E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 10

  11. Correct security testing Main ideas: • Is the expected behaviour, as described by the models in MBT already trivially violating the security properties to be tested? • Can we improve the quality of the MBT by using the UMLsec philosophy? • Can we also automatically generate schemas from this analysis? E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 11

  12. Correct security testing UMLsec new stereotypes for Security Properties 1 and 2 on statecharts: <<locked-status>> together with tag {status} specifies a status (node) in the statechart that should not have outgoing transitions to other nodes. <<authorized>> together with tags {status} and {permission} checks that all transitions to a given node contain a given permission check in their guard. E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 12

  13. Correct security testing From the testing perspective, we can express the security properties as hoare triples {P} S {Q} where P and Q are FOL formulas quantifying over system variables and S is a set of system commands. For example: Locked-status: Authorized: E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 13

  14. Validation Automatically verified some violating models of the GP v 2.1.1 card life- cycle E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 14

  15. Validation Generated schema: Using the schema we have generated13 tests. E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 15

  16. CONCLUSION AND FUTURE WORK - Take into account the evolution aspect i.e - Specification can evolve thus the model and/or - The security property can evolve - Schema language extensions - Methods and tools’ evaluation on other systems and for other security properties. - Integration of tool support E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’ 16

  17. Questions? 17 E.Fourneret et al. ‘Model-Based Security Verification and Testing for Smart-cards’

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Widget security model based on MIDP and Web Application based on a security model with TLS/SSL

Widget security model based on MIDP and Web Application based on a security model with TLS/SSL

Widget security model based on MIDP and Web Application based on a security model with TLS/SSL and XMLDsig Claes Nilsson Technology Area Group Leader Web Browsing Marcus Liwell Technology Area Group Leader Security and DRM Rev 1

576 views • 12 slides
Model-based Security Security: ganzheitliche Engineering Eigenschaft: Jan Jrjens

Model-based Security Security: ganzheitliche Engineering Eigenschaft: Jan Jrjens

2 Herausforderung: Security Model-based Security Security: ganzheitliche Engineering Eigenschaft: Jan Jrjens Sicherheits-Mechanismen umgehen statt brechen. Sichere Systems aus Computing Department unsicheren Komponenten ? The

314 views • 6 slides
Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The

Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The

Model-based Security Engineering: Models vs. Code Jan Jrjens Department of Computing The Open University, GB http://www.umlsec.org Challenge: Security Security is holistic property: Attackers often circumvent (not: break) mechanisms.

639 views • 36 slides
SECTET SECTET Model driven Security of Service Oriented Systems y y based on Security as

SECTET SECTET Model driven Security of Service Oriented Systems y y based on Security as

Japan-Austria Joint Workshop on ICT October 18-19 2010, Tokyo, Japan SECTET SECTET Model driven Security of Service Oriented Systems y y based on Security as a Service Basel Katt , Ruth Breu, Mukhtiar Memon and Michael

646 views • 26 slides
SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security Training FISSEA Conference March 19, 2014 Pat Toth Penny Klein Computer Security Division Systegra Information Technology Laboratory NATIONAL

750 views • 40 slides
eDocument Security Awareness Model 2. eDocument Security Awareness Model THE EDOCUMENT SECURITY

eDocument Security Awareness Model 2. eDocument Security Awareness Model THE EDOCUMENT SECURITY

eDocument Security Awareness Model 2. eDocument Security Awareness Model THE EDOCUMENT SECURITY AWARENESS MODEL (ESAM) IS A SELF-ASSESSMENT TOOL GOAL OF THE EDOCUMENT SECURITY AWARENESS MODEL: Help governments with their secure document

579 views • 28 slides
Sample or Random Security A Security Model for Segment-Based Visual Cryptography Sebastian

Sample or Random Security A Security Model for Segment-Based Visual Cryptography Sebastian

Sample or Random Security A Security Model for Segment-Based Visual Cryptography Sebastian Pape Dortmund Technical University March 5th, 2014 Financial Cryptography and Data Security 2014 Sebastian Pape Sample or Random Security March

541 views • 25 slides
A Model for Performance Based Method for Designing a PPS Garima Sharma Safety and Security

A Model for Performance Based Method for Designing a PPS Garima Sharma Safety and Security

A Model for Performance Based Method for Designing a PPS Garima Sharma Safety and Security Studies Division, Nuclear Controls and Planning Wing Department of Atomic Energy, Mumbai, India 400001 Email: garimas@dae.gov.in Black Swan Event

184 views • 15 slides
How to capture, model, and verify the knowledge of legal, security, and privacy experts: a

How to capture, model, and verify the knowledge of legal, security, and privacy experts: a

Universit degli Studi di Trento How to capture, model, and verify the knowledge of legal, security, and privacy experts: a pattern-based approach L. Compagna, P. El Khoury F. Massacci , N. Zannone R. Thomas Security Research Dept.

357 views • 14 slides
Availability Policies Chapter 7 Computer Security: Art and Science , 2 nd Edition Version 1.1

Availability Policies Chapter 7 Computer Security: Art and Science , 2 nd Edition Version 1.1

Availability Policies Chapter 7 Computer Security: Art and Science , 2 nd Edition Version 1.1 Slide 7-1 Outline Goals Deadlock Denial of service Constraint-based model State-based model Networks and flooding

971 views • 63 slides
Security model for hybrid token-based networking models By Rudy Borgstede Contents

Security model for hybrid token-based networking models By Rudy Borgstede Contents

Security model for hybrid token-based networking models By Rudy Borgstede Contents Project Background Complex Resource Provisioning and Token-Based Networking Token Validation Service, the Java Aaauthreach project

504 views • 21 slides
A Security Model for Space Based Communication Thom Stone Computer Sciences Corporation Prolog

A Security Model for Space Based Communication Thom Stone Computer Sciences Corporation Prolog

A Security Model for Space Based Communication Thom Stone Computer Sciences Corporation Prolog Everything that is not forbidden is compulsory -T.H. White They are after you Monsters in the Closet Virus Trojans Denial

748 views • 28 slides
Multiagent System-based Verification of Security and Privacy Ioana Boureanu Imperial College

Multiagent System-based Verification of Security and Privacy Ioana Boureanu Imperial College

Model Checking Multiagent Systems MAS for Security Multiagent System-based Verification of Security and Privacy Ioana Boureanu Imperial College London Department of Computing September 2015 logo Model Checking Multiagent Systems MAS for

567 views • 46 slides
A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech

A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech

A Semantic Model For Action-Based Adaptive Security Sara Sartoli, Akbar S. Namin Texas Tech University April 2017 Contents Motivation Introduction Contributions Why Answer Set Programming ? Running Example

449 views • 30 slides
Institute for Cyber Security An Attribute-Based Protection Model for JSON Documents Prosunjit

Institute for Cyber Security An Attribute-Based Protection Model for JSON Documents Prosunjit

Institute for Cyber Security An Attribute-Based Protection Model for JSON Documents Prosunjit Biswas, Ravi Sandhu and Ram Krishnan Department of Computer Science Department of Electrical and Computer Engineering 10th International Conference

210 views • 18 slides
1 Outline Problem Setting Instance-Based vs. Model-Based Model-Based Algorithms

1 Outline Problem Setting Instance-Based vs. Model-Based Model-Based Algorithms

1 Outline Problem Setting Instance-Based vs. Model-Based Model-Based Algorithms Estimation of Distribution Algorithms (EDAs) Cross-Entropy (CE) Method Model Reference Adaptive Search (MRAS) Convergence of MRAS

367 views • 34 slides
Fault enabled viruses against smart cards 1 2 1 Samiya

Fault enabled viruses against smart cards 1 2 1 Samiya

Fault enabled viruses against smart cards 1 2 1 Samiya HAMADOUCHE , Jean-Louis LANET , Mohamed MEZGHICHE 1 LIMOSE Laboratory, University

898 views • 36 slides
Mark Hickman Professor in Civil Engineering, University of Queensland Brisbane, Australia

Mark Hickman Professor in Civil Engineering, University of Queensland Brisbane, Australia

Mark Hickman Professor in Civil Engineering, University of Queensland Brisbane, Australia Brisbane Research Topics Analytics for service / operations planning / control Passenger smart card data Vehicle location and trajectory data

634 views • 4 slides
NFC ESSENTIALS JORDI JOFRE NFC EVERYWHERE MARCH 2018 PUBLIC Learn all about NFC Session I,

NFC ESSENTIALS JORDI JOFRE NFC EVERYWHERE MARCH 2018 PUBLIC Learn all about NFC Session I,

NFC ESSENTIALS JORDI JOFRE NFC EVERYWHERE MARCH 2018 PUBLIC Learn all about NFC Session I, 15th March NFC applications and use cases https://attendee.gotowebinar.com/rt/1059402932312036099 Session II, 22th March NFC essentials

1.03k views • 35 slides
Hardware-based Cryptography Smart cards, YubiKeys &amp; more Karol Babioch Security Engineer

Hardware-based Cryptography Smart cards, YubiKeys &amp; more Karol Babioch Security Engineer

Hardware-based Cryptography Smart cards, YubiKeys &amp; more Karol Babioch Security Engineer kbabioch@suse.de Rationale - Computers running general purpose software can be compromised hacked Offline-access, etc. -

619 views • 26 slides
CryptoPuces 2011 Introduction State of the art SCWS / BIP The HTTP protocol

CryptoPuces 2011 Introduction State of the art SCWS / BIP The HTTP protocol

Matthieu BARREAUD, Guillaume BOUFFARD &amp; Jean-Louis LANET {matthieu.barreaud,guillaume.bouffard,jean-louis.lanet}@xlim.fr SSD team XLIM University of Limoges http://secinfo.msi.unilim.fr This work is based on the M1 students project.

669 views • 23 slides
Computer Security in the Real World Butler Lampson Microsoft 1 Security: The Goal Computers

Computer Security in the Real World Butler Lampson Microsoft 1 Security: The Goal Computers

Computer Security in the Real World Butler Lampson Microsoft 1 Security: The Goal Computers are as secure as real world systems, and people believe it . This is hard because: Computers can do a lot of damage fast. There are many

391 views • 28 slides
Breaking the Lightweight Secure PUF: Understanding the Relation of Input Transformations and

Breaking the Lightweight Secure PUF: Understanding the Relation of Input Transformations and

Breaking the Lightweight Secure PUF: Understanding the Relation of Input Transformations and Machine Learning Resistance 18th Smart Card Research and Advanced Application Conference: CARDIS 2019 Nils Wisiol, Georg T. Becker, Marian Margraf,

952 views • 21 slides
Smart Card Data in Public Transport Paul Bouman Also based on work of: Evelien van der Hurk,

Smart Card Data in Public Transport Paul Bouman Also based on work of: Evelien van der Hurk,

Department of Technology &amp; Operations Management Smart Card Data in Public Transport Paul Bouman Also based on work of: Evelien van der Hurk, Timo Polman, Leo Kroon, Peter Vervest and Gbor Marti Complexity in Public Transport:

2.21k views • 55 slides

More recommend