Applying Automated Theorem Proving to Computer Security
AIR FORCE INST OF TECH WRIGHT-PATTERSON AFB OH DEPT OF GRADUATE COMPUTER SCIENCE
Pagination or Media Count:
While more and more data is stored and accessed electronically, better access control methods need to be implemented for computer security. Formal modelling and analysis have been successfully used in certain areas of computer systems, such as verifying the security properties of cryptographic and authentication protocols. However, formal models for computer systems in cyberspace, like networks, have hardly advanced. A highly regarded graduate textbook cites the Take-Grant model created in 1977 as one of the current examples of security modelling and analysis techniques. This model is rarely used in practice though. This research implements the Take-Grant Protection models four de jure rules and Can Share predicate in the Prototype Verification System PVS which automates model checking and theorem proving. This facilitates the ability to test a given Take-Grant model against many systems which are modelled using digraphs. Two models, one with error checking and one without, are created to implement take-grant rules. The first model that does not have error checking incorporated requires manual error checking. The second model uses recursion to allow for the error checking. The Can Share theorem requires further development.
- Computer Systems Management and Standards