A verifiable formal specification for RBAC model with constraints of separation of duty

Authors:
Chunyang Yuan;Yeping He;Jianbo He;Zhouyi Zhou
Affiliations:
Institute of Software, Chinese Academy of Sciences, Beijing, PRC;Institute of Software, Chinese Academy of Sciences, Beijing, PRC;Institute of Software, Chinese Academy of Sciences, Beijing, PRC;Institute of Software, Chinese Academy of Sciences, Beijing, PRC
Venue:
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Year:
2006

Citing 9
Cited 4

The Z notation: a reference manual

The Z notation: a reference manual
Role-Based Access Control Models

Computer
Formal methods: state of the art and future directions

ACM Computing Surveys (CSUR) - Special ACM 50th-anniversary issue: strategic directions in computing research
Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
A graph-based formalism for RBAC

ACM Transactions on Information and System Security (TISSEC)
A First Step Towards Formal Verification of Security Policy Properties for RBAC

QSIC '04 Proceedings of the Quality Software, Fourth International Conference
A Role-Based Access Control Policy Verification Framework for Real-Time Systems

WORDS '05 Proceedings of the 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems
A formal description of SECIMOS operating system

MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Representation and reasoning on RBAC: a description logic approach

ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing

On the Formal Analysis of a Spatio-temporal Role-Based Access Control Model

Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools

Transactions on Computational Science IV
Ensuring spatio-temporal access control for real-world applications

Proceedings of the 14th ACM symposium on Access control models and technologies
Validation of security-design models using Z

ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Formal method provides a way to achieve an exact and consistent definition of security for a given scenario. This paper presents a formal state-based verifiable RBAC model described with Z language, in which the state-transition functions are specified formally. Based on the separation of duty policy, the constraint rules and security theorems are constructed. Using a case study, we show how to specify and verify the consistency of formal RBAC system with theorem proving. By specifying RBAC model formally, it provides a precise description for the system security requirements. The internal consistency of this model can be validated by verification of the model.