A Framework for Testing and Monitoring Security Policies: Application to an Electronic Voting System. (9th March 2018)
- Record Type:
- Journal Article
- Title:
- A Framework for Testing and Monitoring Security Policies: Application to an Electronic Voting System. (9th March 2018)
- Main Title:
- A Framework for Testing and Monitoring Security Policies: Application to an Electronic Voting System
- Authors:
- Toumi, Khalifa
Aouadi, Mohamed
Cavalli, Ana R
Mallouli, Wissam
Allepuz, Jordi Puiggal
Montfort, Pol Valletb - Abstract:
- Abstract: Testing and monitoring the effectiveness of security policies under pervasive system architectures is still a major challenging problem for the research community as well as industrials. The inherent characteristics of these systems such as the heterogeneous communicating devices and the multiple used technologies make the burden more overwhelming when dealing with security measures and policies. This paper aims to bridge this gap through the introduction of a formal design of security policies to make security monitoring operation more efficient. Hence, a formal framework is proposed to actively test web-based systems, as an example of these pervasive architectures. The goal of our technique is to check the compliance of the targeted web application to a set of generic security requirements such as confidentiality, integrity and availability as well as to a set of user-related security constraints. Our approach has been applied to a real industrial electronic voting application provided by the Scytl company. Several experiments show the merit of our technique in verifying the correctness of security measures of the targeted application. This framework is part of the INTER-TRUST solution intended to ensure secure inter-operation between communicating systems and provide solutions to test and monitor them.
- Is Part Of:
- Computer journal. Volume 61:Number 8(2018)
- Journal:
- Computer journal
- Issue:
- Volume 61:Number 8(2018)
- Issue Display:
- Volume 61, Issue 8 (2018)
- Year:
- 2018
- Volume:
- 61
- Issue:
- 8
- Issue Sort Value:
- 2018-0061-0008-0000
- Page Start:
- 1109
- Page End:
- 1122
- Publication Date:
- 2018-03-09
- Subjects:
- formal testing -- security monitoring -- validation -- security policy
Computers -- Periodicals
005.1 - Journal URLs:
- http://comjnl.oxfordjournals.org/ ↗
http://ukcatalogue.oup.com/ ↗ - DOI:
- 10.1093/comjnl/bxy018 ↗
- Languages:
- English
- ISSNs:
- 0010-4620
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.060000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 12181.xml