Archivio Istituzionale della RicercaManaging security configuration in cloud environments is increasingly challenging due to their dynamism, and traditional manual inspection and testing are inadequate to ensure correctness and prevent misconfiguration. To address these issues, this paper introduces a query-driven formal verification approach that enables administrators to validate cloud security configurations using a high-level, user-friendly query language. Correctness is ensured by modeling the cloud environment and verification queries as a Satisfiability Modulo Theories problem, automatically solved by a state-of-the-art solver. Moreover, the approach covers diverse security aspects and detects complex multi-level attacks by integrating multiple security domains.
Toward a Query-Driven Approach for Formal Verification of Cloud Security Configuration / Pizzato, Francesco; Bringhenti, Daniele; Sisto, Riccardo; Valenza, Fulvio. - ELETTRONICO. - (In corso di stampa). ( NOMS 2026 - 2026 IEEE Network Operations and Management Symposium Rome (IT) 18-22 May 2026).
Toward a Query-Driven Approach for Formal Verification of Cloud Security Configuration
Francesco Pizzato;Daniele Bringhenti;Riccardo Sisto;Fulvio Valenza
In corso di stampa
Abstract
Managing security configuration in cloud environments is increasingly challenging due to their dynamism, and traditional manual inspection and testing are inadequate to ensure correctness and prevent misconfiguration. To address these issues, this paper introduces a query-driven formal verification approach that enables administrators to validate cloud security configurations using a high-level, user-friendly query language. Correctness is ensured by modeling the cloud environment and verification queries as a Satisfiability Modulo Theories problem, automatically solved by a state-of-the-art solver. Moreover, the approach covers diverse security aspects and detects complex multi-level attacks by integrating multiple security domains.
| File | Dimensione | Formato | |
|---|---|---|---|
|
NOMS2026-AcceptedManuscript.pdf
accesso aperto
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
Pubblico - Tutti i diritti riservati
Dimensione
463.97 kB
Formato
Adobe PDF
|
463.97 kB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/3007330