Specification and verification of access control policies in EB3SEC: work in progress

Authors:
Pierre Konopacki;Hakim Belhaouari;Marc Frappier;Régine Laleau
Affiliations:
GRIL, Département d'informatique, Université de Sherbrooke, Canada and Université Paris-Est, LACL, IUT Sénart Fontainebleau, Fontainebleau, France;Université Paris-Est, LACL, IUT Sénart Fontainebleau, Fontainebleau, France;GRIL, Département d'informatique, Université de Sherbrooke, Canada;Université Paris-Est, LACL, IUT Sénart Fontainebleau, Fontainebleau, France
Venue:
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Year:
2011

Citing 5
Cited 0

Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Role-Based Access Control

Role-Based Access Control
An obligation model bridging access control policies and privacy policies

Proceedings of the 13th ACM symposium on Access control models and technologies
A Lightweight Container Architecture for Runtime Verification

Runtime Verification
Comparison of model checking tools for information systems

ICFEM'10 Proceedings of the 12th international conference on Formal engineering methods and software engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Information systems are widely used and help in the management of huge quantities of data. Generally, these data are valuable or sensitive, their access must be restricted to granted users. Security is a mandatory requirement for information systems. Several methods already exist to express access control policies, but few of them, like eb3sec, support all kinds of constraints that can be defined in access control policies. In this paper, we present how to use eb3sec to express two kinds of access control constraints : permissions and prohibitions. Once, constraints are expressed, we provide algorithms to verify that the model of the policy do not lead to deadlock.