A Model Checking Based Approach for Verification of Attribute-Based Access Control Policies in Cloud Infrastructures

被引:0
作者
Kotenko, Igor [1 ,2 ]
Saenko, Igor [1 ,2 ]
Levshun, Dmitry [1 ,2 ]
机构
[1] Russian Acad Sci SPIIRAS, St Petersburg Inst Informat & Automat, 14 Th Liniya,39, St Petersburg 199178, Russia
[2] St Petersburg Natl Res Univ Informat Technol Mech, ITMO Univ, 49 Kronverkskiy Prospekt, St Petersburg 197101, Russia
来源
PROCEEDINGS OF THE FOURTH INTERNATIONAL SCIENTIFIC CONFERENCE INTELLIGENT INFORMATION TECHNOLOGIES FOR INDUSTRY (IITI'19) | 2020年 / 1156卷
关键词
Access control; Model checking; Temporal logics; ABAC; Cloud infrastructure;
D O I
10.1007/978-3-030-50097-9_17
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Attribute-Based Access Control (ABAC) model is a perspective access control model for cloud infrastructures used for automation of industrial, transport and energy systems as they include large number of users, resources and dynamical changed permissions. The paper considers the features of ABAC model and the theoretical background for verification of the ABAC policies based on the model checking. The possibility of applying the model checking is justified on the example of the ABAC policy. Implementation of the proposed approach was made using the UPPAAL verification tool. Experimental assessment shows high acceptability of the model checking not only for finding anomalies in ABAC policies but for finding decisions to eliminate them.
引用
收藏
页码:165 / 175
页数:11
相关论文
共 50 条
  • [31] Classifying and Comparing Attribute-Based and Relationship-Based Access Control
    Ahmed, Tahmina
    Sandhu, Ravi
    Park, Jaehong
    PROCEEDINGS OF THE SEVENTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY (CODASPY'17), 2017, : 59 - 70
  • [32] Hierarchical Attribute-based Access Control with Authentication for Outsourced Data in Cloud Computing
    Liu, Xuejiao
    Xia, Yingjie
    Jiang, Shasha
    Xia, Fubiao
    Wang, Yanbo
    2013 12TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2013), 2013, : 477 - 484
  • [33] Improving Reuse of Attribute-Based Access Control Policies Using Policy Templates
    Decat, Maarten
    Moeys, Jasper
    Lagaisse, Bert
    Joosen, Wouter
    ENGINEERING SECURE SOFTWARE AND SYSTEMS (ESSOS 2015), 2015, 8978 : 196 - 210
  • [34] Secure and Efficient General Circuits Attribute-Based Access Control in Cloud Computing
    Wu, Qing
    Li, Liangjun
    Zhang, Leyou
    Mu, Yi
    Rezaeibagha, Fatemeh
    IEEE SYSTEMS JOURNAL, 2022, 16 (04): : 5533 - 5543
  • [35] An Attribute-Based Controlled Collaborative Access Control Scheme for Public Cloud Storage
    Xue, Yingjie
    Xue, Kaiping
    Gai, Na
    Hong, Jianan
    Wei, David S. L.
    Hong, Peilin
    IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2019, 14 (11) : 2927 - 2942
  • [36] Attribute-based Mining Process for the Organization-Based Access Control Model
    Wazan, Ahmad Samer
    Blanc, Gregory
    Debar, Herve
    Garcia-Alfaro, Joaquin
    2013 12TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2013), 2013, : 421 - 430
  • [37] A Temporal and Spatial Constrained Attribute-Based Access Control Scheme for Cloud Storage
    Liu, Zechao
    Jiang, Zoe L.
    Wang, Xuan
    Yiu, S. M.
    Zhang, Ruoqing
    Wu, Yulin
    2018 17TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (IEEE TRUSTCOM) / 12TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (IEEE BIGDATASE), 2018, : 614 - 623
  • [38] HoBAC: toward a Higher-order Attribute-Based Access Control Model
    Aliane, Linda
    Adda, Mehdi
    16TH INTERNATIONAL CONFERENCE ON MOBILE SYSTEMS AND PERVASIVE COMPUTING (MOBISPC 2019),THE 14TH INTERNATIONAL CONFERENCE ON FUTURE NETWORKS AND COMMUNICATIONS (FNC-2019),THE 9TH INTERNATIONAL CONFERENCE ON SUSTAINABLE ENERGY INFORMATION TECHNOLOGY, 2019, 155 : 303 - 310
  • [39] Time-Domain Attribute-Based Access Control for Cloud-Based Video Content Sharing: A Cryptographic Approach
    Yang, Kan
    Liu, Zhen
    Jia, Xiaohua
    Shen, Xuemin Sherman
    IEEE TRANSACTIONS ON MULTIMEDIA, 2016, 18 (05) : 940 - 950
  • [40] Attribute-Based Access Control in Service Mesh
    Ponomarev, Kirill Yu.
    2019 DYNAMICS OF SYSTEMS, MECHANISMS AND MACHINES (DYNAMICS), 2019,
12345