Modelling dynamic access control policies for web-based collaborative systems

Authors:
Hasan Qunoo;Mark Ryan
Affiliations:
School of Computer Science, University of Birmingham, UK;School of Computer Science, University of Birmingham, UK
Venue:
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Year:
2010

Citing 7
Cited 3

Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Binder, a Logic-Based Security Language

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Cassandra: Distributed Access Control Policies with Tunable Expressiveness

POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Synthesising verified access control systems in XACML

Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Design and Semantics of a Decentralized Authorization Language

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
DKAL: Distributed-Knowledge Authorization Language

CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Specification and Analysis of Dynamic Authorisation Policies

CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium

Program synthesis in administration of higher-order permissions

Proceedings of the 16th ACM symposium on Access control models and technologies
Privacy supporting cloud computing: confichair, a case study

POST'12 Proceedings of the First international conference on Principles of Security and Trust
Privacy-supporting cloud computing by in-browser key translation

Journal of Computer Security - Security and Trust Principles

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a modelling language, called X-Policy, for web-based collaborative systems with dynamic access control policies. The access to resources in these systems depends on the state of the system and its configuration. The X-Policy language models systems as a set of actions. These actions can model system operations which are executed by users. The X-Policy language allows us to specify execution permissions on each action using complex access conditions which can depend on data values, other permissions, and agent roles. We demonstrate that X-Policy is expressive enough to model collaborative conference management systems. We model the EasyChair conference management system and we reason about three security attacks on EasyChair.