Abstract:Inadequacies in IT products can result from misunderstandings of the security requirements. Semi-formal methods can accurately describe the security requirements and implement reasonable requirements that avoid causing security flaws. Thus, semi-formal descriptions and verification methods are used in this study for security policies and design specifications represented by collections of the security requirements and module designs of security functionality interfaces. The system uses a loosely coupled partitioning method for the subsystem and module. Semi-formal methods are given to describe the security policy and design specification derived from existing semi-formal tools. The approach is applied to an IC card chip product to show that its security policies are adequate and the security design provides reasonable security. This approach can be used to evaluate all kinds of IT products.
邓辉, 石竑松, 张宝峰, 杨永生, 刘晖. 安全策略及设计规范的半形式化方法[J]. 清华大学学报(自然科学版), 2017, 57(7): 695-701.
DENG Hui, SHI Hongsong, ZHANG Baofeng, YANG Yongsheng, LIU Hui. Semi-formal method for security policies and design specifications. Journal of Tsinghua University(Science and Technology), 2017, 57(7): 695-701.
Bañón M. Security evaluation, testing and specification [C]//In SC27 Security Techniques of 25 Years of Information Security Standardization (1990—2015). London, UK:Gipping Press, 2015: 124-130.
[2]
ISO/IEC 15408. Information Technology-Security Techniques-Evaluation Criteria for IT Security [S]. Wellington, New Zealand: ISO/IEC, 2009.
[3]
GB/T 18336. 信息技术 安全技术 信息技术安全评估准则[S]. 北京: 中国国家标准化管理委员会, 2016.GB/T 18336. Information Technology-Security Techniques-Evaluation Criteria for IT Security [S]. Beijing: Standardization Administration of the People's Republic of China, 2016. (in Chinese)
[4]
Bundesam FVr Sicherheit der Informationstechnik. Guideline for the development and evaluation of formal security policy models in the scope of ITSEC and Common Criteria, version 2.0[Z/OL]. (December 2007). http://www.bsi.bund.de/cae/servlet/contentblob/478122/publicationFile/30243/Guideline_FMSP_v20_pdf.
[5]
Narasamdya I, Périn M. Certification of smart-card applications in Common Criteria: Proving representation correspondences[Z/OL]. (November 2008). http://www-verimag.imag.fr.
[6]
Schellhorn G, Reif W, Schairer A, et al. Verification of a formal security model for multiapplicative smart cards [J]. Lecture Notes in Computer Science, 2000, 1(1):17-36.
[7]
GB/T 22186. 信息安全技术 具有中央处理器的IC卡芯片安全技术要求[S]. 北京: 中国国家标准化管理委员会, 2016.GB/T 22186. Information Security Techniques-Security Technical Requirements for IC Card Chip with CPU [S]. Beijing: Standardization Administration of the People's Republic of China, 2016. (in Chinese)
[8]
ASN.1. Abstract Syntax Notation One [S]. Wellington, New Zealand: ISO/ITU-T, 2001.
[9]
Schmuller J. UML基础、 案例与应用[M]. 李虎, 王英美, 万里威, 译. 北京: 人民邮电出版社, 2002.Schmuller J. Sams Teach Yourself UML in 24 Hours [M]. LI Hu, WANG Yingmei, WAN Liwei, trans. Beijing: Posts & Telecom Press, 2002. (in Chinese)