Issue No.03 - May/June (2011 vol.9)
Jason Bau , Stanford University
John C. Mitchell , Stanford University
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2011.2
Security modeling centers on identifying system behavior, including any security defenses; the system adversary's power; and the properties that constitute system security. Once a security model is clearly defined, security analysis evaluates whether the adversary, interacting with the system, can defeat the desired security properties. Although the authors illustrate security analysis using model checking, analysts can use various methods and tools to evaluate system security, including manual and automated theorem-proving tools that provide assurance about the absence of attacks in a specified threat model. This article describes a uniform approach for evaluating system security and illustrates the approach by summarizing three case studies. Security modeling and analysis also provides a basis for comparative evaluation and some forms of security metrics.
Security modeling, formal methods, model checking, security analysis
Jason Bau, John C. Mitchell, "Security Modeling and Analysis", IEEE Security & Privacy, vol.9, no. 3, pp. 18-25, May/June 2011, doi:10.1109/MSP.2011.2