Date of Award


Document Type


Degree Name

Master of Science in Computer Science


Department of Electrical and Computer Engineering

First Advisor

Rusty O. Baldwin, PhD


While more and more data is stored and accessed electronically, better access control methods need to be implemented for computer security. Formal modelling and analysis have been successfully used in certain areas of computer systems, such as verifying the security properties of cryptographic and authentication protocols. However, formal models for computer systems in cyberspace, like networks, have hardly advanced. A highly regarded graduate textbook cites the Take-Grant model created in 1977 as one of the \current" examples of security modelling and analysis techniques. This model is rarely used in practice though. This research implements the Take-Grant Protection model's four de jure rules and Can Share predicate in the Prototype Verification System (PVS) which automates model checking and theorem proving. This facilitates the ability to test a given TakeGrant model against many systems which are modelled using digraphs. Two models, one with error checking and one without, are created to implement take-grant rules. The first model that does not have error checking incorporated requires manual error checking. The second model uses recursion to allow for the error checking. The Can Share theorem requires further development.

AFIT Designator


DTIC Accession Number