The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
An Introduction to the Theoretical Aspects of Coloured Petri Nets
A Decade of Concurrency, Reflections and Perspectives, REX School/Symposium
Dynamic access control through Petri net workflows
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Verifying Enterprise 's Mandatory Access Control Policies with Coloured Petri Nets
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
A Role-Based Access Control Policy Verification Framework for Real-Time Systems
WORDS '05 Proceedings of the 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems
Verification of Strict Integrity Policy via Petri Nets
ICSNC '06 Proceedings of the International Conference on Systems and Networks Communication
A Trust and Context Based Access Control Model for Distributed Systems
HPCC '08 Proceedings of the 2008 10th IEEE International Conference on High Performance Computing and Communications
Specification of SA-RBAC Policy Based on Colored Petri Net
WI-IAT '08 Proceedings of the 2008 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology - Volume 03
The Realization of RBAC Model in Office Automation System
FITME '08 Proceedings of the 2008 International Seminar on Future Information Technology and Management Engineering
Verification and Analysis of Access Control Policy with Colored Petri Net
ICCSN '09 Proceedings of the 2009 International Conference on Communication Software and Networks
Injecting a permission-based delegation model to secure web-based workflow systems
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Hi-index | 0.00 |
Role Based Access Control (RBAC) is one of the most used models in designing and implementation of security policies in large networking systems. The classical model doesn't consider temporal aspects which are so important in such policies. Temporal RBAC (TRBAC) is proposed to deal with these aspects. Although the elegance of these models, design a security policy remains a challenge. One is obliged to prove the consistency and the correctness of the policy. Using formal verification allows proving that the designed policy is consistent. In this paper, we present a formal modelling/analysis approach for TRBAC policies. We use Timed Colored Petri Nets to model the TRBAC policy, and then CPN-tool is used to analyze the generated models. The analysis allows proving many important properties about the TRBAC security policy.