LIP6 CNRS Sorbonne Université Tremplin Carnot Interfaces
Direct Link LIP6 » 新闻 » 在读博士

HABIB Lionel

科研组 : SPI
离开日期 : 2011-7-1
责任导师 : Thérèse HARDIN
助理责任导师 : JAUME Mathieu

Formalisations et comparaisons de politiques et de systèmes de sécurité

The objective of this thesis is to improve the degree of confidence that one can have in the domain of information security, by relying on formal methods. To do so, we define a generic semantic framework allowing to formalize and to compare security policies and systems. We describe two formalization approaches of security policies, and we show how we express administrative security policies according to these two approaches. We present the notion of security systems which consists in enforcing a security policy by a transition system according to two techniques allowing to obtain security systems which respect security policies by construction, which contributes to fulfill our objective. We introduce three preorders allowing to compare security policies and systems, which characterize their expressing power. We apply the definitions introduced in our framework by formalizing and comparing permissions, access and information flows control policies, administrative security policies, and security systems. On the other hand, we put in perspective our work with some related work. Finally, we expose two practical applications realized within Focalize, the test of a multi-level access control policy, and the development of a library of security policies, which allows us to show that our formal approach, intended to obtain a high level of assurance, is viable in practice.
答辩 : 2011-6-16 - 10h - Site Jussieu - Bat 41 - Salle 203/205
评委会 :
Christèle Faure, SafeRiver [Rapporteur]
Ludovic Mé, Supélec [Rapporteur]
Valérie Viêt Triêm Tông, Supélec [Rapporteur]
Horatiu Cirstea, LORIA
Christian Queinnec, UPMC
Thérèse Hardin, UPMC
Mathieu Jaume, UPMC

2008-2011 刊物

 Mentions légales
网站导航 |