
The CVS-Server Case Study: A Formalized Security Architecture

by Achim D. Brucker, Frank Rittinger, and Burkhart Wolff

CVS is a widely known version management system. Configured in server mode, it can be used for the distributed development of software as well as its distribution from a central database called the repository. In this setting, a number of security mechanisms have to be integrated into the CVS-server architecture. We present an abstract formal model of the access control aspects of a CVS-server architecture enforcing a role-based access control on the data in the repository. This abstract architecture is refined to an implementation architecture, which represents (an abstraction of) a concrete CVS-server configuration running in a POSIX/UNIX environment. Both the abstract as well as the concrete architecture are specified in the language Z. The specification is compiled to HOL-Z, such that refinement proofs for this case study can be done in Isabelle/HOL.


Please cite this article as follows:
Achim D. Brucker, Frank Rittinger, and Burkhart Wolff. The CVS-Server Case Study: A Formalized Security Architecture. In FM-TOOLS 2002, pages 47-52, 2002. Available as Technical Report, University Augsburg, number 2002-11.

BibTeX
@InCollection{ brucker.ea:cvs-server:2002,
abstract = {CVS is a widely known version management system. Configured in server mode, it can be used for the distributed development of software as well as its distribution from a central database called the \emph{repository}. In this setting, a number of security mechanisms have to be integrated into the CVS-server architecture. We present an abstract formal model of the access control aspects of a CVS-server architecture enforcing a role-based access control on the data in the repository. This abstract architecture is refined to an implementation architecture, which represents (an abstraction of) a concrete CVS-server configuration running in a POSIX/UNIX environment. Both the abstract as well as the concrete architecture are specified in the language Z. The specification is compiled to HOL-Z, such that refinement proofs for this case study can be done in Isabelle/HOL.},
address = {Augsburg},
author = {Achim D. Brucker and Frank Rittinger and Burkhart Wolff},
booktitle = {FM-TOOLS 2002},
editor = {Dominik Haneberg and Gerhard Schellhorn and Wolfgang Reif},
language = {USenglish},
month = {jul},
note = {Available as Technical Report, University Augsburg, number 2002--11.},
organization = {University Augsburg},
pages = {47--52},
pdf = {https://www.brucker.ch/bibliography/download/2002/brucker.ea-cvs-server-2002.pdf},
project = {FSA},
title = {The {CVS}-Server Case Study: {A} Formalized Security Architecture},
url = {https://www.brucker.ch/bibliography/abstract/brucker.ea-cvs-server-2002},
year = {2002},
}