labels. The security calculus is provided with a technique of a parallel programming
language. This approach is useful for searching for vulnerabilities in flow-related
computer systems: network transactions [3], client-server communications.
In [3], a UML-based approach for the automated verification of security
requirements is presented. The authors demonstrate a concept of verification
routines for security constraints associated with the stereotypes of the UML security
extension UMLsec [4]. To do so, the analysis routine extracts information from
different diagram types (class, deployment, and statechart diagrams) that may contain
specific security-related information. The system requirements can be formulated at
the level of the system's security model. For this to work, however, we need to obtain
the UMLsec diagram. Unfortunately, it cannot be built in any obvious way for MS
Windows. To do this, we would need a special tool that automatically composes the
UML diagram for a huge number of MS Windows objects. Otherwise, the UML-based
approach could not be a reliable and efficient way to check for security
vulnerabilities.
A group at Carnegie Mellon developed a security specification and checking
system called Miro [6]. The Miro system consists of two languages and a collection of
software tools. One specification language is for protection configurations and the
other is for security policies. It is a general system, but the Miro system was
implemented for the UNIX operating system [7]. UNIX-style systems are mostly
open source, and they operate with a limited number of objects to be protected.
Investigating UNIX security thus requires little mental effort and time.
We have also examined the characteristics of MS Windows-oriented vulnerability
detectors (Enterprise Security Manager, Symantec Corp.; Intrusion SecurityAnalyst,
Intrusion Inc.; NetIQ Security Analyzer, NetIQ Inc.; XSpider, Positive Technologies;
Microsoft Baseline Security Analyzer, Microsoft Corp., etc.). After the analysis, we
have drawn some conclusions (note that the following remarks are independent of
the developer's name and the product version):
- no solution investigates the inside of the system. For example, the known products
  keep an eye on well-known file paths or security-critical folders. None looks at
  the security of kernel-mode objects;
- no product allows composing the detection criteria. For example, the analyzed
  solutions use either predefined checks or scripts of the check sequence;
- no detector predicts the effect of the security settings upon the reachable states of
  the system.
Therefore, to our knowledge, the general problem of evaluating security
enforcement, including weakness detection, in such a complex operating system as
MS Windows has never been addressed by any author.
3 Vulnerabilities Detection
According to the fundamentals of computer system modeling, we look at the safety of
the system through the safety of the system states. The state is characterized by the
security configuration, which may or may not contain the OSCV. To detect the OSCV
in the state we need to analyze the security configuration corresponding to the given