Issue No.02 - February (1995 vol.21)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/32.345822
This paper describes the development of a formal security policy model in Z for the NATO Air Command and Control System (ACCS): a large, distributed, multilevel-secure system. The model was subject to manual validation, and some of the issues and lessons in both writing and validating the model are discussed.
Security, security policy model, formal specification, Z, modeling, validation
Anthony Boswell, "Specification and Validation of a Security Policy Model", IEEE Transactions on Software Engineering, vol.21, no. 2, pp. 63-68, February 1995, doi:10.1109/32.345822