HABIB Lionel

Кандидат наук
Подразделение : SPI
Окончание контракта : 01.07.2011
https://lip6.fr/Lionel.Habib

Научны(е)й руководител(и)ь : Thérèse HARDIN

Со-руководитель : JAUME Mathieu

Formalisations et comparaisons de politiques et de systèmes de sécurité

The objective of this thesis is to improve the degree of confidence that one can have in the domain of information security, by relying on formal methods. To do so, we define a generic semantic framework allowing to formalize and to compare security policies and systems. We describe two formalization approaches of security policies, and we show how we express administrative security policies according to these two approaches. We present the notion of security systems which consists in enforcing a security policy by a transition system according to two techniques allowing to obtain security systems which respect security policies by construction, which contributes to fulfill our objective. We introduce three preorders allowing to compare security policies and systems, which characterize their expressing power. We apply the definitions introduced in our framework by formalizing and comparing permissions, access and information flows control policies, administrative security policies, and security systems. On the other hand, we put in perspective our work with some related work. Finally, we expose two practical applications realized within Focalize, the test of a multi-level access control policy, and the development of a library of security policies, which allows us to show that our formal approach, intended to obtain a high level of assurance, is viable in practice.

Защита диссертаций : 16.06.2011

Члены жюри :

Christèle Faure, SafeRiver [Rapporteur]
Ludovic Mé, Supélec [Rapporteur]
Valérie Viêt Triêm Tông, Supélec [Rapporteur]
Horatiu Cirstea, LORIA
Christian Queinnec, UPMC
Thérèse Hardin, UPMC
Mathieu Jaume, UPMC

Окончание контракта : 01.07.2011

Публикации 2008-2011

Mentions légales
Карта сайта