Accession Number : ADA310947

Title :   Romulus, A Computer Security Properties Modeling Environment: Romulus Theories. Volume 4.

Descriptive Note : Final rept. Aug 90-Jun 94,

Corporate Author : ODYSSEY RESEARCH ASSOCIATES INC ITHACA NY

Personal Author(s) : Brackin, S. ; Foley, S. ; Gong, L. ; Hartman, B. ; Heff, A.

PDF Url : ADA310947

Report Date : APR 1996

Pagination or Media Count : 205

Abstract : The Romulus security properties modeling environment contains tools, theories, and models that support the high-level design and analysis of secure systems. The Romulus nondisclosure tool supports development and analysis of distributed composite security models and their properties. The Romulus modeling approach establishes the models on a solid theoretical basis and uses formal mathematical tools to aid in the analysis. Romulus allows a user to express a model of a secure system using a formal specification notation that combines graphics and text. Verification of the model proves that it satisfies its critical properties. The user verifies the model by using a combination of automatic decision procedures and interactive theorem proving. The primary emphasis in the current system is the analysis of multilevel trusted system models to see if they satisfy nondisclosure properties. Romulus also includes a tool for formally specifying and verifying authentication protocols. This tool can be used to reason about the beliefs of the parties engaged in a protocol in order to analyze whether the protocol achieves the desired behavior. The Romulus theories include formal theories of nondisclosure, integrity, and availability security. The Romulus library of models demonstrates the application of these theories.

Descriptors :   *USER MANUALS, *DATA PROCESSING SECURITY, *MODEL THEORY, *COMPUTER PROGRAM VERIFICATION, MATHEMATICAL MODELS, ENVIRONMENTS, DECISION MAKING, DISTRIBUTION, INTERACTIONS, SPECIFICATIONS, TOOLS, AVAILABILITY, AUTOMATIC, LIBRARIES, THEOREMS.

Subject Categories : Computer Programming and Software
      Computer Systems Management and Standards

Distribution Statement : APPROVED FOR PUBLIC RELEASE