A Formal Approach to Distributed System Security Test Generation

Vladimir A. Khlevnoy; Andrey A. Shchurov

arXiv:1411.2406·cs.CR·November 11, 2014

A Formal Approach to Distributed System Security Test Generation

Vladimir A. Khlevnoy, Andrey A. Shchurov

PDF

TL;DR

This paper presents a formal method for automating security test generation in distributed systems, utilizing threat lists and a multilayered model to improve testing procedures.

Contribution

It introduces a comprehensive threat list and an extended six-layered model for systematic security test generation in distributed systems.

Findings

01

Development of a formal approach for security test checklist generation

02

Integration of threat lists with a multilayered testing model

03

Enhanced automation in security testing processes

Abstract

Deployment of distributed systems sets high requirements for procedures for the security testing of these systems. This work introduces: (1) a list of typical threats based on standards and actual practices; (2) an extended six-layered model for test generation mission on the basis of technical specifications and end-user requirements. Based on the list of typical threats and the multilayer model, we describe a formal approach to the automated design and generation of security mechanisms checklists for complex distributed systems.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.