Skip to Main Content
Research in computer security issues has recently addressed the development of security policy specification languages. It has however omitted the need of formal validation. In this paper we try to remedy to this drawback by the proposition of an automated tool for security policies. Because we have found several similarities between security policies and software engineering, our approach is strongly inspired from the reasoning followed in the software engineering. First, it brings out a model inspired by Promela to enable the validation task. Secondly, it proposes a 3-step validation process that deals with consistency, completeness and preservation of safety and liveness properties.