TY - GEN
T1 - Formalizing physical security procedures
AU - Meadows, Catherine
AU - Pavlovic, Dusko
PY - 2012/9
Y1 - 2012/9
N2 - Although the problems of physical security emerged more than 10,000 years before the problems of computer security, no formal methods have been developed for them, and the solutions have been evolving slowly, mostly through social procedures. But as the traffic on physical and social networks is now increasingly expedited by computers, the problems of physical and social security are becoming technical problems. From various directions, many security researchers and practitioners have come to a realization that the areas such as transportation security, public and private space protection, or critical infrastructure defense, are in need of formalized engineering methodologies. Following this lead, we extended Protocol Derivation Logic (PDL) to Procedure Derivation Logic (still PDL). In contrast with a protocol, where some principals send and receive some messages, in a procedure they can also exchange and move some objects. For simplicity, in the present paper we actually focus on the security issues arising from traffic of objects, and leave the data flows, and the phenomena emerging from the interaction of data and objects, for future work. We illustrate our approach by applying it to a flawed airport security procedure described by Schneier.
AB - Although the problems of physical security emerged more than 10,000 years before the problems of computer security, no formal methods have been developed for them, and the solutions have been evolving slowly, mostly through social procedures. But as the traffic on physical and social networks is now increasingly expedited by computers, the problems of physical and social security are becoming technical problems. From various directions, many security researchers and practitioners have come to a realization that the areas such as transportation security, public and private space protection, or critical infrastructure defense, are in need of formalized engineering methodologies. Following this lead, we extended Protocol Derivation Logic (PDL) to Procedure Derivation Logic (still PDL). In contrast with a protocol, where some principals send and receive some messages, in a procedure they can also exchange and move some objects. For simplicity, in the present paper we actually focus on the security issues arising from traffic of objects, and leave the data flows, and the phenomena emerging from the interaction of data and objects, for future work. We illustrate our approach by applying it to a flawed airport security procedure described by Schneier.
KW - SCS-Cybersecurity
KW - Physical procedure analysis
KW - Physical security
KW - Security policies
KW - Formal security protocol analysis
U2 - 10.1007/978-3-642-38004-4_13
DO - 10.1007/978-3-642-38004-4_13
M3 - Conference contribution
SN - 978-3-642-38004-4
T3 - Lecture Notes in Computer Science
SP - 193
EP - 208
BT - Security and Trust Management
A2 - Jøsang, Audun
A2 - Samarati, Pierangela
A2 - Petrocchi, Marinella
PB - Springer
CY - Berlin, Heidelberg
T2 - 8th International Workshop on Security and Trust Management, STM 2012
Y2 - 13 September 2012 through 14 September 2012
ER -