Using timed colored petri nets and CPN-tool to model and verify TRBAC security policies
VECoS'10 Proceedings of the Fourth international conference on Verification and Evaluation of Computer and Communication Systems
| Hi-index | 0.00 |
A Trust and Context based Access Control model (TCAC) is proposed in this paper, which integrates trust value and context information of users into traditional role based access control. TCAC is flexible and dynamic to limit the authorizations to users. Verification and analysis of access control policy can help us understand the security requirements and states of systems. Colored Petri Net (CPN) extends the traditional Petri net, it can simply the net structure, and analyze the security and correctness of complicated systems before really constructing them. We present a CPN model of role activation/ deactivation of TCAC policy, and discuss the color sets, places, arc expressions and guard functions in CPN model. The consistency of TCAC policy is verified based on CPN model and reachability analysis.