On the Construction and Verification of Self-modifying Access Control Policies

Authors:
David Power;Mark Slaymaker;Andrew Simpson
Affiliations:
Computing Laboratory, Oxford University, Oxford, United Kingdom OX1 3QD;Computing Laboratory, Oxford University, Oxford, United Kingdom OX1 3QD;Computing Laboratory, Oxford University, Oxford, United Kingdom OX1 3QD
Venue:
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Year:
2009

Citing 10
Cited 0

Alloy: a lightweight object modelling notation

ACM Transactions on Software Engineering and Methodology (TOSEM)
Reasoning about XACML policies using CSP

Proceedings of the 2005 workshop on Secure web services
PolicyUpdater: a system for dynamic access control

International Journal of Information Security
Synthesising verified access control systems through model checking

Journal of Computer Security
On the Facilitation of Fine-Grained Access to Distributed Healthcare Data

SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management
Automated verification of access control policies using a SAT solver

International Journal on Software Tools for Technology Transfer (STTT)
On Formalizing and Normalizing Role-Based Access Control Systems

The Computer Journal
Kodkod: a relational model finder

TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Specifying and reasoning about dynamic access-control policies

IJCAR'06 Proceedings of the Third international joint conference on Automated Reasoning
A logic for state-modifying authorization policies

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Typically, access control policies are either static or depend on independently maintained external state to achieve some notion of dynamism. While it is possible to fully verify the properties of static policies, any reference to external state will necessarily limit the scope of such verification. In this paper we explore the feasibility of describing self-modifying policies which contain both rules for granting access and rules for the modification of the policy. Policy level constraints are used to define validity. Using these constraints it becomes possible to verify both the current state of the policy and any possible future states. A working prototype is described which utilises a relational model finder to perform the verification. The prototype is capable of generating instances of failure cases and presenting them via a simple user interface.