An access control system regulates the rights of users to gain access to resources in accordance with a specified policy. The rules in this policy may interact in ways that are not obvious from human inspection; there is, therefore, a need for automated verification techniques that can check whether a policy does indeed implement some desired security requirement. Thirty years ago, a formalisation of access control presented a model and a safety specification for which satisfaction is undecidable. Subsequent research, aimed at finding restricted versions of the model for which this problem is decidable, yielded models that lack the expressive power needed for practical systems. Instead of restricting the model, we re-examine the safety specification. We develop a new logic that can express a wide variety of safety properties over access control systems, and show that model checking is decidable for a useful fragment of this logic.