WEKO3
アイテム
Challenges and design considerations for the authorizationanalysis of a software framework
https://ipsj.ixsq.nii.ac.jp/records/74832
https://ipsj.ixsq.nii.ac.jp/records/74832bd74b37e-9046-4b37-8386-597ffc4013a8
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-CSS2009C43.pdf (235.3 kB)
|
Copyright (c) 2009 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Symposium(1) | |||||||
|---|---|---|---|---|---|---|---|---|
| 公開日 | 2009-10-19 | |||||||
| タイトル | ||||||||
| タイトル | Challenges and design considerations for the authorizationanalysis of a software framework | |||||||
| タイトル | ||||||||
| 言語 | en | |||||||
| タイトル | Challenges and design considerations for the authorizationanalysis of a software framework | |||||||
| 言語 | ||||||||
| 言語 | eng | |||||||
| キーワード | ||||||||
| 主題Scheme | Other | |||||||
| 主題 | セキュリティ評価・監査 | |||||||
| 資源タイプ | ||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_5794 | |||||||
| 資源タイプ | conference paper | |||||||
| 著者所属 | ||||||||
| KDDI R&D Laboratories,Inc. | ||||||||
| 著者所属 | ||||||||
| KDDI R&D Laboratories,Inc. | ||||||||
| 著者所属 | ||||||||
| KDDI R&D Laboratories,Inc. | ||||||||
| 著者所属 | ||||||||
| KDDI R&D Laboratories,Inc. | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| KDDI R&D Laboratories,Inc. | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| KDDI R&D Laboratories,Inc. | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| KDDI R&D Laboratories,Inc. | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| KDDI R&D Laboratories,Inc. | ||||||||
| 著者名 |
Wook, Shin
Shinsaku, Kiyomoto
Kazuhide, Fukushima
Toshiaki, Tanaka
× Wook, Shin Shinsaku, Kiyomoto Kazuhide, Fukushima Toshiaki, Tanaka
|
|||||||
| 著者名(英) |
Wook, Shin
Shinsaku, Kiyomoto
Kazuhide, Fukushima
Toshiaki, Tanaka
× Wook, Shin Shinsaku, Kiyomoto Kazuhide, Fukushima Toshiaki, Tanaka
|
|||||||
| 論文抄録 | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | We suggest an automated analysis tool design, where we can analyze the permission-basedsecurity of a software framework and test if an application execution can be completed withgiven permissions. For the analysis, we take two approaches. The one is theorem proving-basedapproach that formally specifies permission manipulation operations of the framework, definessecurity of the system, and then tests the logical correctness of the operations. The other is asimple simulation that partially executes a given application codes with given authorization. | |||||||
| 論文抄録(英) | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | We suggest an automated analysis tool design, where we can analyze the permission-basedsecurity of a software framework and test if an application execution can be completed withgiven permissions. For the analysis, we take two approaches. The one is theorem proving-basedapproach that formally specifies permission manipulation operations of the framework, definessecurity of the system, and then tests the logical correctness of the operations. The other is asimple simulation that partially executes a given application codes with given authorization. | |||||||
| 書誌情報 |
コンピュータセキュリティシンポジウム2009 (CSS2009) 論文集 巻 2009, p. 1-6, 発行日 2011-10-12 |
|||||||
| 出版者 | ||||||||
| 言語 | ja | |||||||
| 出版者 | 情報処理学会 | |||||||
