A Verification Framework for Temporal RBAC with Role Hierarchy (Short Paper)

Authors:
Samrat Mondal;Shamik Sural
Affiliations:
School of Information Technology, Indian Institute of Technology, Kharagpur;School of Information Technology, Indian Institute of Technology, Kharagpur
Venue:
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Year:
2008

Citing 10
Cited 1

A theory of timed automata

Theoretical Computer Science
Role-Based Access Control Models

Computer
TRBAC: A temporal role-based access control model

ACM Transactions on Information and System Security (TISSEC)
Hybrid Role Hierarchy for Generalized Temporal Role Based Access Control Model

COMPSAC '02 Proceedings of the 26th International Computer Software and Applications Conference on Prolonging Software Life: Development and Redevelopment
Static verification of security requirements in role based CSCW systems

Proceedings of the eighth ACM symposium on Access control models and technologies
A Generalized Temporal Role-Based Access Control Model

IEEE Transactions on Knowledge and Data Engineering
A Role-Based Access Control Policy Verification Framework for Real-Time Systems

WORDS '05 Proceedings of the 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems
Security analysis in role-based access control

ACM Transactions on Information and System Security (TISSEC)
Security Analysis of Temporal-RBAC Using Timed Automata

IAS '08 Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security
Towards Formal Verification of Role-Based Access Control Policies

IEEE Transactions on Dependable and Secure Computing

Specification and analysis of access control policies for mobile applications

Proceedings of the 18th ACM symposium on Access control models and technologies

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper a Timed Automata (TA) based verification framework is proposed for Temporal RBAC. Roles, users, permissions - three basic components of RBAC are modeled using TA. These components interact with each other through channel synchronization. A parallel composition of TA is used to construct the complete system. Temporal constraints on roles, user-role assignments and role-permission assignments are conveniently expressed in this representation. Furthermore, both role hierarchy and separation of duty (SoD) have been incorporated in the proposed framework. Security properties are specified using Computation Tree Logic (CTL) and verified by model checking.