A compositional framework for access control policies enforcement

Proceedings of the ACM Workshop on Formal Methods in Security Engineering

Volumn , Issue , 2003, Pages 32-42

  Siewe, François ^a   Cau, Antonio ^a   Zedan, Hussein ^a  

^a DE MONTFORT UNIVERSITY   (United Kingdom)

Author keywords

Access control; Authorization; Delegation; Policy composition

Indexed keywords

COMPUTATION THEORY; DIGITAL LIBRARIES; FORMAL LOGIC; HIGH LEVEL LANGUAGES; ITERATIVE METHODS; LOGIC PROGRAMMING; REAL TIME SYSTEMS;

ACCESS CONTROL; AUTHORIZATION; DELEGATION; POLICY COMPOSITION;

SECURITY OF DATA;

EID: 2642573551     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1035429.1035433     Document Type: Conference Paper

References (21)

1. M. Abadi, M. Burrows, B. Lampson, and G. Plotkin. A calculus for access control in distributed systems. ACM Transactions on Programming Languages and Systems, 15(3): 1-29, September 1993.
2. D. Bell and L. Lapadula. Secure computer system unified exposition and multics interpretation. Technical Report MTR-2997, MITRE, Bedford, MA, 1975.
3. E. Bertino, C. Bettini, E. Ferrari, and P. Samarati. A Temporal Access Control Mechanism for Database systems. IEEE Transactions on knowledge and data engineering, 8(1):67-80, February 1996.
4. E. Bertino, C. Bettini, E. Ferrari, and P. Samarati. An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning. ACM Transaction on Database Systems, 23(3):213-285, September 1998.
5. P. Bonatti, S. Vimercati, and P. Samarati. An algebra for composing access control policies. ACM Transaction on Information and System security, 5(1:l-35, February 2002.
6. A. Cau, B. Moszkowski, and H. Zedan. Interval Temporal Logic. http://www.cse.dmu.ac.uk/~cau/itlhomepage/.
7. A. Cau and H. Zedan. Refining Interval Temporal Logic Specifications. In M. Bertran and T. Rus, editors, Transformation-Based Reactive Systems Development, volume 1231 of LNCS, pages 79-94, AMAST, 1997. Sprinrg-Verlag.
8. N. C. Damianou. A Policy Framework for Management of Distributed Systems. PhD thesis, Imperial College of Science, Technology and Medicine, University of London, February 2002.
9. P. Devanbu and S. Stubblebine. Software engineering for security: a roadmap. In A. Finkelstein, editor, The Future of Software Engineering, pages 225-239. ACM Press, 2000. Special Volume (ICSE 2000).
10. R. W. S. Hale. Programming in Temporal Logic. PhD thesis, Trinity College, University of Cambridge, October 1988.
11. M. A. Harrison, W. L. Ruzzo, and J. D. Ullman. Protection in Operating Systems. Communications of the ACM, 19(8):461-471, 1976.
12. S. Jajodia, P. Samarati, V. S. Subrahmanian, and E. Bertino. A unified framework for enforcing multiple access control policies. ACM transaction on Database Systems, 26(2):214-260, June 2001.
13. J. McLean. Security Models. In J. Marciniak, editor, Encyclopedia of Software Engineering. Wiley Press, 1994.
14. B. Moszkowski. Executing Temporal Logic Programs. Cambridge University Press, England, 1986.
15. B. Moszkowski. Compositional reasoning using interval temporal logic and tempura. In W.-P. d. Roever, H. Langmaack, and A. Pnueli, editors, Compositionality: The Significant Difference, volume 1486 of LNCS, pages 439-464, Berlin, 1998. Springer Verlag.
16. P. Samarati and S. Vimercati. Access Control: Policies, Models, and Mechanisms. In R. Focardi and R. Gorrieri, editors, Foundations of Security Analysis and Design (Tutorial Lectures), pages 137-196. Springer-Verlag, September 2000.
17. R. Sandhu. Transaction Control Expressions for Separation of Duties. IEEE, pages 282-286, 1988.
18. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-Based Access Control Models. IEEE Computer, 29(2):38-47, 1996.
19. F. B. Schneider. Enforceable Security Policies. ACM Transactions on Information and System Security, 3(1):30-50, February 2000.
20. T. Y. C. Woo and S. S. Lam, Authorization in distributed systems: A new approach. Journal of Computer Security, 2(2,3):107-136, 1993.
21. H. Zedan, A. Cau, and B. Moszkowski. Compositional Modelling: The Formal Perspective. In D. Bustard, editor, Workshop on Systems Modelling for Business Process Improvement, pages 333-354. Artech House, 2000.