Role-Based Access Control Models
Computer
An administration concept for the enterprise role-based access control model
Proceedings of the eighth ACM symposium on Access control models and technologies
Understanding and developing role-based administrative models
Proceedings of the 12th ACM conference on Computer and communications security
A model-checking approach to analysing organisational controls in a loan origination process
Proceedings of the eleventh ACM symposium on Access control models and technologies
Policy Analysis for Administrative Role Based Access Control
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
Administration in role-based access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Journal of Computer Security - Special issue on CSFW15
Efficient policy analysis for administrative role based access control
Proceedings of the 14th ACM conference on Computer and communications security
Towards SMT Model Checking of Array-Based Systems
IJCAR '08 Proceedings of the 4th international joint conference on Automated Reasoning
Towards Formal Verification of Role-Based Access Control Policies
IEEE Transactions on Dependable and Secure Computing
Symbolic reachability analysis for parameterized administrative role based access control
Proceedings of the 14th ACM symposium on Access control models and technologies
Deciding Effectively Propositional Logic Using DPLL and Substitution Sets
Journal of Automated Reasoning
Automated symbolic analysis of ARBAC-policies
STM'10 Proceedings of the 6th international conference on Security and trust management
Evaluating access control policies through model checking
ISC'05 Proceedings of the 8th international conference on Information Security
MCMT: a model checker modulo theories
IJCAR'10 Proceedings of the 5th international conference on Automated Reasoning
ASASP: automated symbolic analysis of security policies
CADE'11 Proceedings of the 23rd international conference on Automated deduction
Automated symbolic analysis of ARBAC-policies
STM'10 Proceedings of the 6th international conference on Security and trust management
Automated analysis of infinite state workflows with access control policies
STM'11 Proceedings of the 7th international conference on Security and Trust Management
Automated and efficient analysis of role-based access control with attributes
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Symbolic backward reachability with effectively propositional logic
Formal Methods in System Design
Heuristic safety analysis of access control models
Proceedings of the 18th ACM symposium on Access control models and technologies
Reachability analysis for role-based administration of attributes
Proceedings of the 2013 ACM workshop on Digital identity management
Policy analysis for administrative role based access control without separate administration
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Journal of Computer Security - STM'10
| Hi-index | 0.00 |
Automated techniques for the security analysis of Role-Based Access Control (RBAC) access control policies are crucial for their design and maintenance. The definition of administrative domains by means of attributes attached to users makes the RBAC model easier to use in real scenarios but complicates the development of security analysis techniques, that should be able to modularly reason about a wide range of attribute domains. In this paper, we describe an automated symbolic security analysis technique for administrative attribute-based RBAC policies. A class of formulae of first-order logic is used as an adequate symbolic representation for the policies and their administrative actions. State-of-the-art automated theorem proving techniques are used (off-the-shelf) to mechanize the security analysis procedure. Besides discussing the assumptions for the effectiveness and termination of the procedure, we demonstrate its efficiency through an extensive empirical evaluation.