Accession Number : ADA310946

Title :   Romulus, A Computer Security Properties Modeling Environment: Romulus Theories. Volume 2.

Descriptive Note : Final rept. Aug 90-Jun 94,

Corporate Author : ODYSSEY RESEARCH ASSOCIATES INC ITHACA NY

Personal Author(s) : Brackin, S. ; Foley, S. ; Gong, L. ; Hartman, B. ; Heff, A.

PDF Url : ADA310946

Report Date : APR 1996

Pagination or Media Count : 158

Abstract : The Romulus security properties modeling environment contains tools, theories, and models that support the high-level design and analysis of secure systems. The Romulus nondisclosure tool supports development and analysis of distributed composite security models and their properties. The Romulus modeling approach establishes the models on a solid theoretical basis and uses formal mathematical tools to aid in the analysis. Romulus allows a user to express a model of a secure system using a formal specification notation that combines graphics and text. Verification of the model proves that it satisfies its critical properties. The user verifies the model by using a combination of automatic decision procedures and interactive theorem proving. The primary emphasis in the current system is the analysis of multilevel trusted system models to see if they satisfy nondisclosure properties. Romulus theories include a tool for formally specifying and verifying authentication protocols. This tool can be used to reason about the beliefs of the parties engaged in a protocol in order to analyze whether the protocol achieves the desired behavior.

Descriptors :   *DATA PROCESSING SECURITY, *MODEL THEORY, *SYSTEMS APPROACH, ENVIRONMENTS, DECISION MAKING, MODELS, DISTRIBUTION, SPECIFICATIONS, TOOLS, AUTOMATIC.

Subject Categories : Computer Systems Management and Standards

Distribution Statement : APPROVED FOR PUBLIC RELEASE