TY - JOUR AU - Brucker, Achim D. AU - Wolff, Burkhart PY - 2003 DA - 2003// TI - A Case Study of a Formalized Security Architecture JO - Electronic Notes in Theoretical Computer Science SP - 24 EP - 40 VL - 80 PB - Elsevier Science Publishers CY - Amsterdam KW - security, access control, POSIX, Unix, CVS, Z AB - CVS is a widely known version management system, which can be used for the distributed development of software as well as its distribution from a central database. In this paper, we provide an outline of a formal security analysis of a CVS-Server architecture performed in \citebrucker.ea:cvs-server:2002. The analysis is based on an abstract architecture (enforcing a role-based access control on the repository), which is refined to an implementation architecture (based on the usual discretionary access control provided by the POSIX environment). Both architectures serve as framework to formulate access control and confidentiality properties. Both the abstract as well as the concrete architecture are specified in the language Z. Based on a logical embedding of Z into Isabelle/HOL, we provide formal, machine-checked proofs for consistency properties of the specification, for the correctness of the refinement, and for some security properties. Thus, we present a case study for the security analysis of realistic models over an off-the-shelf system by formal machine-checked proofs. L1 - https://www.brucker.ch/bibliography/download/2003/brucker.ea-case-2003.pdf UR - https://www.brucker.ch/bibliography/abstract/brucker.ea-case-2003 UR - https://doi.org/10.1016/S1571-0661(04)80807-7 DO - 10.1016/S1571-0661(04)80807-7 LA - USenglish N1 - Proceedings of the Eighth International Workshop on Formal Methods for Industrial Critical Systems (FMICS’03) ID - brucker.ea:case:2003 ER -