The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Lattice-Based Access Control Models
Computer
NETRA:: seeing through access control
Proceedings of the fourth ACM workshop on Formal methods in security
Canonical Abstract Syntax Trees
Electronic Notes in Theoretical Computer Science (ENTCS)
A pattern matching compiler for multiple target languages
CC'03 Proceedings of the 12th international conference on Compiler construction
Tom: piggybacking rewriting on java
RTA'07 Proceedings of the 18th international conference on Term rewriting and applications
SP'88 Proceedings of the 1988 IEEE conference on Security and privacy
Specifying and reasoning about dynamic access-control policies
IJCAR'06 Proceedings of the Third international joint conference on Automated Reasoning
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Component-based security policy design with colored Petri nets
Semantics and algebraic specification
You should better enforce than verify
RV'10 Proceedings of the First international conference on Runtime verification
A dynamic access control model
Applied Intelligence
Hi-index | 0.00 |
Data protection within information systems is one of the main concerns in computer systems security and different access control policies can be used to specify the access requests that should be granted or denied. These access control mechanisms should guarantee that information can be accessed only by authorized users and thus prevent all information leakage. We propose a methodology for specifying and implementing access control policies using the rewrite based framework Tom. This approach allows us to check that any reachable state obtained following a granted access in the implementation satisfies the policy specification. We show that when security levels are not totally ordered some information leakage can be detected.