A CVS-Server Security Architecture - Concepts and Formal Analysis

by Achim D. Brucker, Frank Rittinger, and Burkhart Wolff

We present a secure architecture of a CVS-server, its implementation (i.e. mainly its configuration) and its formal analysis. Our CVS-server uses cvsauth, which provides protection of passwords and protection of some internal data of the CVS repository. In contrast to other (security oriented) CVS-architectures, our approach allows the CVS-server to run on an open filesystem, i.e. a filesystem where users can have direct access both by CVS-commands and by standard UNIX/POSIX commands such as mv. For our secure architecture of the CVS-server, we provide a formal specification and security analysis. The latter is based on a refinement mapping high-level security requirements on the architecture to low-level security mechanisms on the UNIX/POSIX filesystem level. The purpose of the formal analysis of the secure CVS-server architecture is twofold: First, it is the basis for the specification of mutual security properties such as non-repudiation, authentication and access control for this architecture. Second, the mapping of the architecture on standard security implementation technology is described. Thus, our approach can be seen as a method to give a formal underpinning for the usually tricky business of system administrators.

Keywords: security architecture, Concurrent Versions System (CVS), Z, formal methods, refinement
Documents: (full text as PDF file)

Please cite this article as follows:
Achim D. Brucker, Frank Rittinger, and Burkhart Wolff. A CVS-Server Security Architecture - Concepts and Formal Analysis. Albert-Ludwigs-Universität Freiburg, Technical Report 182, 2002.

BibTeX
@TechReport{ brucker.ea:cvs-server:2002-b,
abstract = {We present a secure architecture of a CVS-server, its implementation (i.e. mainly its configuration) and its formal analysis. Our CVS-server uses cvsauth, which provides protection of passwords and protection of some internal data of the CVS repository. In contrast to other (security oriented) CVS-architectures, our approach allows the CVS-server to run on an open filesystem, i.e. a filesystem where users can have direct access both by CVS-commands and by standard UNIX/POSIX commands such as \texttt{mv}. For our secure architecture of the CVS-server, we provide a formal specification and security analysis. The latter is based on a refinement mapping high-level security requirements on the architecture to low-level security mechanisms on the UNIX/POSIX filesystem level. The purpose of the formal analysis of the secure CVS-server architecture is twofold: First, it is the basis for the specification of mutual security properties such as non-repudiation, authentication and access control for this architecture. Second, the mapping of the architecture on standard security implementation technology is described. Thus, our approach can be seen as a method to give a formal underpinning for the usually tricky business of system administrators.},
author = {Achim D. Brucker and Frank Rittinger and Burkhart Wolff},
institution = {Albert-Ludwigs-Universit{\"a}t Freiburg},
keywords = {security architecture, Concurrent Versions System (CVS), Z, formal methods, refinement},
language = {USenglish},
num_pages = {100},
number = {182},
pdf = {https://www.brucker.ch/bibliography/download/2002/cvs_arch.pdf},
title = {A {CVS-Server} Security Architecture --- Concepts and Formal Analysis},
url = {https://www.brucker.ch/bibliography/abstract/brucker.ea-cvs-server-2002-b},
year = {2002},
}