Formal Specification and Validation of Authentication and Authorization
Volume 16 Issue 2 2022
Download| Author(s): | Shafiq Hussain*, Muhammad Jamil, Rana Abu Bakar, Muhammad Farhan, Muhammad Amin Abid, Hafiz Tariq Masood |
|---|---|
| Abstract | Authentication and authorization are the major stakeholders of a computer system in terms of security. The collapse of any of these mechanisms may cause the failure of the entire system. There are numerous techniques of authentication that are being implemented in several secure software systems. These procedures include passwords, pass cards, fingerprints, retinal scans, etc. similarly, a large number of practices are available that implement authorization such as access control lists, role-based access, etc. In this paper, a novel approach is presented to model authentication and authorization by using formal methods. Models of software systems are specified in Z notation. The resulting models were verified and validated by using the Z/EVES theorem prover. The adopted approach provides a mechanism to develop secure software systems by using formal methods. |
| Keywords | Authentication, Authorization, Security, Formal Methods, Specification, Validation, Z, Z/EVES. |
| Year | 2022 |
| Volume | 16 |
| Issue | 2 |
| Type | Research paper, manuscript, article |
| Journal Name | Journal of Information & Communication Technology | Publisher Name | ILMA University | Jel Classification | - | DOI | - | ISSN no (E, Electronic) | 2075-7239 | ISSN no (P, Print) | 2415-0169 | Country | Pakistan | City | Karachi | Institution Type | University | Journal Type | Open Access | Manuscript Processing | Blind Peer Reviewed | Format | Paper Link | https://jict.ilmauniversity.edu.pk/journal/jict/16.2/4.pdf | Page | 57-65 |