Fixed-Parameter Tractability and Completeness I: Basic Results
SIAM Journal on Computing
Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
Model checking
Alcoa: the alloy constraint analyzer
Proceedings of the 22nd international conference on Software engineering
Protection in operating systems
Communications of the ACM
Reduction: a method of proving properties of parallel programs
Communications of the ACM
The role-based access control system of a European bank: a case study and discussion
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A lightweight approach to specification and analysis of role-based access control extensions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A model for role administration using organization structure
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Partial-Order Methods for the Verification of Concurrent Systems: An Approach to the State-Explosion Problem
An administration concept for the enterprise role-based access control model
Proceedings of the eighth ACM symposium on Access control models and technologies
Using Event Calculus to Formalise Policy Specification and Analysis
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A case study in access control requirements for a Health Information System
ACSW Frontiers '04 Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation - Volume 32
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Verifying information flow goals in security-enhanced Linux
Journal of Computer Security - Special issue on WITS'03
Understanding and developing role-based administrative models
Proceedings of the 12th ACM conference on Computer and communications security
Policy Analysis for Administrative Role Based Access Control
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Journal of Computer Security - Special issue on CSFW15
EON: modeling and analyzing dynamic access control systems with logic programs
Proceedings of the 15th ACM conference on Computer and communications security
Authorization and Obligation Policies in Dynamic Systems
ICLP '08 Proceedings of the 24th International Conference on Logic Programming
RBAC-PAT: A Policy Analysis Tool for Role Based Access Control
TACAS '09 Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009,
Towards formal security analysis of GTRBAC using timed automata
Proceedings of the 14th ACM symposium on Access control models and technologies
Symbolic reachability analysis for parameterized administrative role based access control
Proceedings of the 14th ACM symposium on Access control models and technologies
Maintaining control while delegating trust: Integrity constraints in trust management
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the 15th ACM symposium on Access control models and technologies
Analysis of privacy and security policies
IBM Journal of Research and Development
Mining likely properties of access control policies via association rule mining
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Mining Roles with Multiple Objectives
ACM Transactions on Information and System Security (TISSEC)
Satisfiability and Resiliency in Workflow Authorization Systems
ACM Transactions on Information and System Security (TISSEC)
User-role reachability analysis of evolving administrative role based access control
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Towards automatic update of access control policy
LISA'10 Proceedings of the 24th international conference on Large installation system administration
Efficient symbolic automated analysis of administrative attribute-based RBAC-policies
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Adversaries' Holy Grail: access control analytics
Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security
Program synthesis in administration of higher-order permissions
Proceedings of the 16th ACM symposium on Access control models and technologies
ASASP: automated symbolic analysis of security policies
CADE'11 Proceedings of the 23rd international conference on Automated deduction
Policy analysis for Administrative Role-Based Access Control
Theoretical Computer Science
Automatic error finding in access-control policies
Proceedings of the 18th ACM conference on Computer and communications security
Automated symbolic analysis of ARBAC-policies
STM'10 Proceedings of the 6th international conference on Security and trust management
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
Ensuring authorization privileges for cascading user obligations
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Analyzing temporal role based access control models
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Symbolic backward reachability with effectively propositional logic
Formal Methods in System Design
Mohawk: Abstraction-Refinement and Bound-Estimation for Verifying Access Control Policies
ACM Transactions on Information and System Security (TISSEC)
Policy analysis for self-administrated role-based access control
TACAS'13 Proceedings of the 19th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Heuristic safety analysis of access control models
Proceedings of the 18th ACM symposium on Access control models and technologies
A white-box policy analysis and its efficient implementation
Proceedings of the 18th ACM symposium on Access control models and technologies
Reachability analysis for role-based administration of attributes
Proceedings of the 2013 ACM workshop on Digital identity management
Policy analysis for administrative role based access control without separate administration
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Journal of Computer Security - STM'10
Formal verification of security properties in trust management policy
Journal of Computer Security
| Hi-index | 0.00 |
Administrative RBAC (ARBAC) policies specify how Role-Based Access Control (RBAC) policies may be changed by each administrator. It is often difficult to fully understand the effect of an ARBAC policy by simple inspection, because sequences of changes by different administrators may interact in unexpected ways. ARBAC policy analysis algorithms can help by answering questions, such a suser-role reachability, which asks whether a given user can be assigned to given roles by given administrators. This problem is intractable in general. This paper identifies classes of policies of practical interest, develops analysis algorithms for them, and analyzes their parameterized complexity, showing that the algorithms may have high complexity with respect to some parameter k characterizing the hardness of the input (such that k is often small in practice) but have polynomial complexity in terms of the overall input size when the value of k is fixed.