Verification and enforcement of access control policies

被引:0
|
作者
Antonio Cau
Helge Janicke
Ben Moszkowski
机构
[1] De Montfort University,Software Technology Research Laboratory
来源
Formal Methods in System Design | 2013年 / 43卷
关键词
Access control policy; Policy enforcement; Policy verification; Binary decision diagram;
D O I
暂无
中图分类号
学科分类号
摘要
Access control mechanisms protect critical resources of systems from unauthorized access. In a policy-based management approach, administrators define user privileges as rules that determine the conditions and the extent of users’ access rights. As rules become more complex, analytical skills are required to identify conflicts and interactions within the rules that comprise a system policy—especially when rules are stateful and depend on event histories. Without adequate tool support such an analysis is error-prone and expensive. In consequence, many policy specifications are inconsistent or conflicting that render the system insecure. The security of the system, however, does not only depend on the correct specification of the security policy, but in a large part also on the correct interpretation of those rules by the system’s enforcement mechanism.
引用
收藏
页码:450 / 492
页数:42
相关论文
共 50 条
  • [1] Verification and enforcement of access control policies
    Cau, Antonio
    Janicke, Helge
    Moszkowski, Ben
    FORMAL METHODS IN SYSTEM DESIGN, 2013, 43 (03) : 450 - 492
  • [2] UML specification of access control policies and their formal verification
    Koch M.
    Parisi-Presicce F.
    Software & Systems Modeling, 2006, 5 (4) : 429 - 447
  • [3] A comprehensive approach to the automatic refinement and verification of access control policies
    Cherninod, Manuel
    Durante, Luca
    Seno, Lucia
    Valenza, Fulvio
    Valenzano, Adriano
    COMPUTERS & SECURITY, 2019, 80 : 186 - 199
  • [4] Cost-Effective Enforcement of Access and Usage Control Policies Under Uncertainties
    Krautsevich, Leanid
    Lazouski, Aliaksandr
    Martinelli, Fabio
    Yautsiukhin, Artsiom
    IEEE SYSTEMS JOURNAL, 2013, 7 (02): : 223 - 235
  • [5] A policy enforcement framework for verification and control of service collaboration
    Tsai, W. T.
    Zhou, Xinyu
    Wei, Xiao
    INFORMATION SYSTEMS AND E-BUSINESS MANAGEMENT, 2008, 6 (01) : 83 - 107
  • [6] A policy enforcement framework for verification and control of service collaboration
    W. T. Tsai
    Xinyu Zhou
    Xiao Wei
    Information Systems and e-Business Management, 2008, 6 : 83 - 107
  • [7] Checking Policy Enforcement in an Access Control Aspect Model
    Song, Eunjee
    France, Robert
    Ray, Indrakshi
    Kim, Hanil
    INFORMATION-AN INTERNATIONAL INTERDISCIPLINARY JOURNAL, 2008, 11 (05): : 541 - 552
  • [8] General Methods for Access Control Policy Verification
    Hu, Vincent C.
    Kuhn, D. Richard
    PROCEEDINGS OF 2016 IEEE 17TH INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION (IEEE IRI), 2016, : 315 - 323
  • [9] Distributed access control policies for spectrum sharing
    Baldini, Gianmarco
    Fovino, Igor Nai
    Braghin, Stefano
    Trombetta, Alberto
    SECURITY AND COMMUNICATION NETWORKS, 2013, 6 (08) : 925 - 935
  • [10] Access Control Policy Enforcement for Zero-Trust-Networking
    Vanickis, Romans
    Jacob, Paul
    Dehghanzadeh, Sohelia
    Lee, Brian
    2018 29TH IRISH SIGNALS AND SYSTEMS CONFERENCE (ISSC), 2018,
12345