UQO Institutional Repository

Formal framework for security policy enforcement in computer systems

Pene, Liviu (2018). Formal framework for security policy enforcement in computer systems. Thesis. Gatineau, Université du Québec en Outaouais, Département d'informatique et d'ingénierie, 212 p.

The swift evolution of networks and computer systems has generated substantial improvements and marked benefits in several aspects of our personal and professional lives. However, these advantages come at the expense of an increased complexity of the security mechanisms protecting them. Defending the systems has become a big challenge both for individuals and for enterprises. The age of cloud computing and the Internet of Things significantly aggravated the problem. The main reason is that these technologies call into question the classic centralized security models and require contemplating completely distributed approaches. Given this context, computer systems security can no longer be assured solely by the application of best practices, and a formal and rigorous approach is henceforth necessary. This thesis tackles the question of automatic protection of computer systems by exploring the use of formal methods for policy specification, verification and enforcement. In order to build our formal framework, we have defined algebraic formalisms and modal logics that allow specifying information systems and their behaviour in an elegant and concise manner. We have also defined formal verification techniques for assessing the compliance of the systems with the security policies. Finally, we have devised an enforcement operator capable of generating an automatic enforcement process. The latter has the ability to rewrite the algebraic specification of a computer system in a way that renders it compliant with a security policy.

Document type: Thesis (Thesis)
Thesis supervisor: Adi, Kamel
Departments and school, research units and services: Computer Science and Engineering
Deposit date: 19 March 2018 13:20
Last modified: 19 March 2018 13:20
URI: https://di.uqo.ca/id/eprint/964