A general framework for simulating security policies interactively is developed using ASMs (Gurevich's Abstract State Machines) and then mechanised with the ASM Workbench. ASM external functions make it possible to simulate the behaviour of a policy under the influence of its environment. The interactive features of the Workbench allow simulation of the policy norms that apply to a given case study, which makes them easier to understand. Possible inconsistencies affecting the case study can be detected automatically during the simulation and extensively documented. The framework is demonstrated on a published example security policy. The findings support the claim that adding priorities to roles achieves the crucial goal of consistency.