In this thesis we address the modular specification and analysis of flexible, rule-based policies. We introduce the use of the strategic rewriting formalism in this domain, such that our framework inherits techniques, theorems, and tools from the rewriting theory. This allows us to easily state and verify important policy properties such as the absence of conflicts, for instance. Moreover, we develop rewrite-based methods to verify elaborate policy properties such as the safety problem in access control and the detection of information flows in mandatory policies.We show that strategies are important to preserve policy properties under composition. The rich strategy languages available in systems like Tom, Stratego, Maude, ASF+SDF and Elan ...
Concevoir et mettre en oeuvre des méthodes pour la spécification, l'analyse et la vérification de lo...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
Security is a critical concern for any information system. Security properties such as confidentiali...
In this thesis we address the modular specification and analysis of flexible, rule-based policies. W...
In this thesis we address the modular specification and analysis of flexible, rule-based policies. W...
Dans cette thèse, nous nous intéressons à la spécification et à l analyse modulaires de politiques d...
International audienceSecurity policies, in particular access control, are fundamental elements of c...
International audienceAccess control is a central issue among the overall security goals of informat...
Designing and applying formal methods for specifying, analyzing and verifying softwares and systems ...
With the ever increasing importance of computer networks such as the Internet,and the today almost u...
{\it Policy frameworks} provide a technique for improving reuse in program analysis: the same langua...
AbstractThe rewrite-based approach provides executable specifications for security policies, which c...
International audienceThe rewrite-based approach provides executable specifications for security pol...
Le contrôle d'accès permet de spécifier une partie de la politique de sécurité d'un SI (système d'in...
In defining large, complex access control policies, one would like to compose sub-policies, perhaps ...
Concevoir et mettre en oeuvre des méthodes pour la spécification, l'analyse et la vérification de lo...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
Security is a critical concern for any information system. Security properties such as confidentiali...
In this thesis we address the modular specification and analysis of flexible, rule-based policies. W...
In this thesis we address the modular specification and analysis of flexible, rule-based policies. W...
Dans cette thèse, nous nous intéressons à la spécification et à l analyse modulaires de politiques d...
International audienceSecurity policies, in particular access control, are fundamental elements of c...
International audienceAccess control is a central issue among the overall security goals of informat...
Designing and applying formal methods for specifying, analyzing and verifying softwares and systems ...
With the ever increasing importance of computer networks such as the Internet,and the today almost u...
{\it Policy frameworks} provide a technique for improving reuse in program analysis: the same langua...
AbstractThe rewrite-based approach provides executable specifications for security policies, which c...
International audienceThe rewrite-based approach provides executable specifications for security pol...
Le contrôle d'accès permet de spécifier une partie de la politique de sécurité d'un SI (système d'in...
In defining large, complex access control policies, one would like to compose sub-policies, perhaps ...
Concevoir et mettre en oeuvre des méthodes pour la spécification, l'analyse et la vérification de lo...
Complex software-security policies are dicult to specify, understand, and update. The same is true f...
Security is a critical concern for any information system. Security properties such as confidentiali...