Integration of security policy into system modeling

Authors:
Nazim Benaïssa;Dominique Cansell;Dominique Méry
Affiliations:
Université Henri Poincaré Nancy 1;Université de Metz;Université Henri Poincaré Nancy 1
Venue:
B'07 Proceedings of the 7th international conference on Formal Specification and Development in B
Year:
2007

Citing 6
Cited 4

Parallel program design: a foundation

Parallel program design: a foundation
Role-Based Access Control Models

Computer
The B-book: assigning programs to meanings

The B-book: assigning programs to meanings
Formal specification for role based access control user/role and role/role relationship management

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks

A Verifiable Conformance Relationship between Smart Card Applets and B Security Models

ABZ '08 Proceedings of the 1st international conference on Abstract State Machines, B and Z
MIRAGE: a management tool for the analysis and deployment of network security policies

DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
A systematic approach to integrate common timed security rules within a TEFSM-based system specification

Information and Software Technology
Model-Driven security policy deployment: property oriented approach

ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

We address the proof-based development of (system) models satisfying a security policy. The security policy is expressed in a model called OrBAC, which allows one to state permissions and prohibitions on actions and activities and belongs to the family of role-based access control formalisms. The main question is to validate the link between the security policy expressed in OrBAC and the resulting system; a first abstract B model is derived from the OrBAC specification of the security policy and then the model is refined to introduce properties that can be expressed in OrBAC. The refinement guarantees that the resulting B (system) model satisfies the security policy. We present a generic development of a system with respect to a security policy and it can be instantiated later for a given security policy.