LOCKS: A property specification language for security goals

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    5 Citations (Scopus)
    161 Downloads (Pure)

    Abstract

    We introduce a formal specification language locks, that allow security practitioners to express as well as compose security goals in a convenient manner. locks supports the specification of the most common security properties over generic attributes, both for qualitative and quantitative goals.
    To make our language independent of a specific security framework, we evaluate locks over a generic attack model, namely the structural attack model (sam), which over-arches the most prominent graphical threat models. Furthermore, we equip our language with a concise grammar, type rules and denotational semantics, thus laying the foundations of an automated tool. We take a number of informal security goals from the literature and show how they can be formally
    expressed in our language.
    Original languageEnglish
    Title of host publicationSAC '18: Proceedings of the 33rd Annual ACM Symposium on Applied Computing
    EditorsHisham M. Haddad, Roger L. Wainwright, Richard Chbeir
    PublisherAssociation for Computing Machinery
    Pages1907-1915
    ISBN (Electronic)978-1-4503-5191-1
    DOIs
    Publication statusPublished - 9 Apr 2018
    Event33rd ACM/SIGAPP Symposium On Applied Computing - Pau, France
    Duration: 9 Apr 201813 Apr 2018
    Conference number: 33
    https://www.sigapp.org/sac/sac2018/

    Conference

    Conference33rd ACM/SIGAPP Symposium On Applied Computing
    Abbreviated titleSAC 2018
    Country/TerritoryFrance
    CityPau
    Period9/04/1813/04/18
    Internet address

    Keywords

    • Enterprise security
    • Quantitative security goals
    • Property specification language
    • Multi-objective query language
    • Threat models
    • Denotational semantics

    Fingerprint

    Dive into the research topics of 'LOCKS: A property specification language for security goals'. Together they form a unique fingerprint.

    Cite this