The Z notation: a reference manual
The Z notation: a reference manual
Role-Based Access Control Models
Computer
Formal methods: state of the art and future directions
ACM Computing Surveys (CSUR) - Special ACM 50th-anniversary issue: strategic directions in computing research
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
A graph-based formalism for RBAC
ACM Transactions on Information and System Security (TISSEC)
A First Step Towards Formal Verification of Security Policy Properties for RBAC
QSIC '04 Proceedings of the Quality Software, Fourth International Conference
A Role-Based Access Control Policy Verification Framework for Real-Time Systems
WORDS '05 Proceedings of the 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems
A formal description of SECIMOS operating system
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Representation and reasoning on RBAC: a description logic approach
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
On the Formal Analysis of a Spatio-temporal Role-Based Access Control Model
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools
Transactions on Computational Science IV
Ensuring spatio-temporal access control for real-world applications
Proceedings of the 14th ACM symposium on Access control models and technologies
Validation of security-design models using Z
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Hi-index | 0.00 |
Formal method provides a way to achieve an exact and consistent definition of security for a given scenario. This paper presents a formal state-based verifiable RBAC model described with Z language, in which the state-transition functions are specified formally. Based on the separation of duty policy, the constraint rules and security theorems are constructed. Using a case study, we show how to specify and verify the consistency of formal RBAC system with theorem proving. By specifying RBAC model formally, it provides a precise description for the system security requirements. The internal consistency of this model can be validated by verification of the model.