Verifying Enterprise 's Mandatory Access Control Policies with Coloured Petri Nets

Authors:
Krzysztof Juszczyszyn
Affiliations:
-
Venue:
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Year:
2003

Citing 4
Cited 8

ML for the working programmer

ML for the working programmer
Coloured Petri nets: basic concepts, analysis methods and practical use, volume 3

Coloured Petri nets: basic concepts, analysis methods and practical use, volume 3
A lattice model of secure information flow

Communications of the ACM
Managing access control complexity using metrices

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies

Specification of SA-RBAC Policy Based on Colored Petri Net

WI-IAT '08 Proceedings of the 2008 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology - Volume 03
Access Control Management for SCADA Systems

IEICE - Transactions on Information and Systems
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools

Transactions on Computational Science IV
A Formal Approach for the Evaluation of Network Security Mechanisms Based on RBAC Policies

Electronic Notes in Theoretical Computer Science (ENTCS)
Component-based security policy design with colored Petri nets

Semantics and algebraic specification
Using timed colored petri nets and CPN-tool to model and verify TRBAC security policies

VECoS'10 Proceedings of the Fourth international conference on Verification and Evaluation of Computer and Communication Systems
Secure interoperation design in multi-domains environments based on colored Petri nets

Information Sciences: an International Journal
Automatic information flow analysis of business process models

BPM'12 Proceedings of the 10th international conference on Business Process Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

The paper addresses important problems met whenimplementing mandatory access control policies incomplex distributed systems (e.g.enterprise networks).The role of formal security models is also presented andthe properties of the model suitable for systems underconsideration are defined.Then a formal security model,Secure Coloured Petri Net - using coloured Petri net'ssemantics - is proposed. It is shown how the enterprisesecurity management system may take advantage of theproposed model's properties. Application of colouredPetri nets analysis and construction methods toinformation flow security analysis is also proposed anddiscussed.