A Model Checking Based Approach for Verification of Attribute-Based Access Control Policies in Cloud Infrastructures

被引:0
|
作者
Kotenko, Igor [1 ,2 ]
Saenko, Igor [1 ,2 ]
Levshun, Dmitry [1 ,2 ]
机构
[1] Russian Acad Sci SPIIRAS, St Petersburg Inst Informat & Automat, 14 Th Liniya,39, St Petersburg 199178, Russia
[2] St Petersburg Natl Res Univ Informat Technol Mech, ITMO Univ, 49 Kronverkskiy Prospekt, St Petersburg 197101, Russia
来源
PROCEEDINGS OF THE FOURTH INTERNATIONAL SCIENTIFIC CONFERENCE INTELLIGENT INFORMATION TECHNOLOGIES FOR INDUSTRY (IITI'19) | 2020年 / 1156卷
关键词
Access control; Model checking; Temporal logics; ABAC; Cloud infrastructure;
D O I
10.1007/978-3-030-50097-9_17
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Attribute-Based Access Control (ABAC) model is a perspective access control model for cloud infrastructures used for automation of industrial, transport and energy systems as they include large number of users, resources and dynamical changed permissions. The paper considers the features of ABAC model and the theoretical background for verification of the ABAC policies based on the model checking. The possibility of applying the model checking is justified on the example of the ABAC policy. Implementation of the proposed approach was made using the UPPAAL verification tool. Experimental assessment shows high acceptability of the model checking not only for finding anomalies in ABAC policies but for finding decisions to eliminate them.
引用
收藏
页码:165 / 175
页数:11
相关论文
共 50 条
  • [21] Access control scheme based on blockchain and attribute-based searchable encryption in cloud environment
    Yan, Liang
    Ge, Lina
    Wang, Zhe
    Zhang, Guifen
    Xu, Jingya
    Hu, Zheng
    JOURNAL OF CLOUD COMPUTING-ADVANCES SYSTEMS AND APPLICATIONS, 2023, 12 (01):
  • [22] Access control scheme based on blockchain and attribute-based searchable encryption in cloud environment
    Liang Yan
    Lina Ge
    Zhe Wang
    Guifen Zhang
    Jingya Xu
    Zheng Hu
    Journal of Cloud Computing, 12
  • [23] A Correct-by-Construction Model for Attribute-Based Access Control
    Gadouche, Hania
    Farah, Zoubeyr
    Tari, Abdelkamel
    MODEL AND DATA ENGINEERING, MEDI 2018, 2018, 11163 : 233 - 247
  • [24] Firewall for Attribute-Based Access Control in Smart Grids
    Ruland, Christoph
    Sassmannshausen, Jochen
    2018 THE 6TH IEEE INTERNATIONAL CONFERENCE ON SMART ENERGY GRID ENGINEERING (SEGE 2018), 2018, : 336 - 341
  • [25] Attribute-Based Access Control in an Adaptive Hypermedia System
    Ballesteros, Pedro
    Donoso, Yezid
    2009 FOURTH INTERNATIONAL CONFERENCE ON SYSTEMS (ICONS), 2009, : 114 - 119
  • [26] Efficiently Supporting Attribute-Based Access Control in Linux
    Varshith, H. O. Sai
    Sural, Shamik
    Vaidya, Jaideep
    Atluri, Vijayalakshmi
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2024, 21 (04) : 2012 - 2026
  • [27] Efficient and Secure Attribute-Based Access Control With Identical Sub-Policies Frequently Used in Cloud Storage
    Xue, Kaiping
    Gai, Na
    Hong, Jianan
    Wei, David S. L.
    Hong, Peilin
    Yu, Nenghai
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2022, 19 (01) : 635 - 646
  • [28] Auditable σ-Time Outsourced Attribute-Based Encryption for Access Control in Cloud Computing
    Ning, Jianting
    Cao, Zhenfu
    Dong, Xiaolei
    Liang, Kaitai
    Ma, Hui
    Wei, Lifei
    IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2018, 13 (01) : 94 - 105
  • [29] Multi-tenant attribute-based access control for cloud infrastructure services
    Canh Ngo
    Demchenko, Yuri
    de Laat, Cees
    JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2016, 27-28 : 65 - 84
  • [30] An Attribute-Based Access Control with Efficient and Secure Attribute Revocation for Cloud Data Sharing Service
    Nyamsuren Vaanchig
    Wei Chen
    Zhi-Guang Qin
    Journal of Electronic Science and Technology, 2017, 15 (01) : 90 - 98
12345