24th GRACE Seminar on Advanced Software Science and Engineering

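Organizer: NII GRACE Center (Center for Global Research in Advanced Software Science and Engineering)
http://grace-center.jp/
Date and time: Monday, September 7, 2009, 15:00-18:00
Venue: National Institute of Informatics (NII), 20th floor, Lecture Room 1 (2005)
Admission: free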
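To attend, please register by e-mail no later than the day before the seminar: send the required information to the address below with the subject line
“24th GRACE Seminar”.

Registration address: event-info@grace-center.jp
Required information: name, affiliation, e-mail address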

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Details:

Speaker: Professor David Basin, ETH Zurich
Title : Model Driven Security

Abstract:
We present an approach to integrating security into the system design
process. Namely, models are made of system designs along with their
security requirements, and security architectures are automatically
generated from the resulting security-design models. We call the
resulting approach “Model Driven Security” as it represents a
specialization of model driven development to the domain of
system security.

To illustrate these ideas we present SecureUML, a modeling language
based on UML for modeling system designs along with their security
requirements. From SecureUML models, we automatically generate security
architectures, built from declarative and programmatic access control
mechanisms, for distributed middleware-based applications.
We report on case studies using model-driven development
tools and highlight our current research in this area.

=======================================

Speaker: Professor David Basin, ETH Zurich
Title : Specifying and Analyzing Security Automata

Abstract:
Security automata are a variant of Buechi automata used to
specify security policies that can be enforced by monitoring system
execution. We propose using CSP-OZ for specifying security automata,
formalizing their combination with target systems, and analyzing the
security of the resulting system specifications. CSP-OZ is a rich
specification language that combines Communicating Sequential Processes
(CSP) and Object-Z (OZ). Our thesis is that this language is very well
suited for specifying and reasoning about complex security automata and
their combination with large-scale systems. This includes the ability to
specify concisely complex operations and complex control, support for
structured specifications, refinement, and transformational design, as
well as automated, tool supported analysis. We present two case
studies, which provide support for this thesis.

Biography:
David Basin is a full professor of Computer Science at ETH Zurich and head of the Information Security research group.
He received his Ph.D. in Computer Science from Cornell University in 1989
and his Habilitation in Computer Science from the University of Saarbrücken in 1996.
He was a research fellow at both the University of Edinburgh (1990-1991)
and the Max-Planck-Institut für Informatik (1992-1997). From 1997 to 2002 he held the chair of Software Engineering at the University of Freiburg in Germany.
His research areas are Information Security and Software Engineering, in particular methods and tools for building secure and reliable systems.
He is the founding director of the ZISC, the Zurich Information Security Center, which he has led since 2003. He serves on the editorial boards of numerous journals including IEEE Transactions on Dependable and Secure Computing, Acta Informatica, and Information Processing Letters. He is Editor-in-Chief (together with Ueli Maurer) of Springer-Verlag’s book series in Information Security and Cryptography. He co-founded the conference series on Formal Methods in Security Engineering and is on the steering committee of the ACM Symposium on Information, Computer and Communications Security (ASIACCS).
