Synthesising verified access control systems through model checking

Journal of Computer Security

Volumn 16, Issue 1, 2008, Pages 1-61

  Zhang, Nan ^a   Ryan, Mark ^a   Guelev, Dimitar P ^b  

^a UNIVERSITY OF BIRMINGHAM   (United Kingdom)

^b BULGARIAN ACADEMY OF SCIENCES   (Bulgaria)

Author keywords

[No Author keywords available]

Indexed keywords

ALGORITHMS; CONTROL SYSTEMS; INFORMATION ANALYSIS; MODEL CHECKING; USER INTERFACES;

ACCESS CONTROL POLICIES; ACCESS CONTROL SYSTEMS; LEGITIMATE GOALS;

ACCESS CONTROL;

EID: 37249072460     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-2008-16101     Document Type: Article

References (35)

1. S. Abiteboul, R. Hull and V. Vianu, Foundations of Databases, Addison Wesley, 1995, Chapter 7.
2. T. Ahmed and A.R. Tripathi, Static verification of security requirements in role based CSCW systems, in: SACMAT'03, Como, Italy, Jun 2003.
3. R. Alur, L. deAlfaro, T.A. Henzinger, S.C. Krishnan, F.Y.C. Mang, S. Qadeer, S.K. Rajamani and S. Tasiran, Mocha User Manual, The manual and the model checker can be obtained from http://www.eecs.berkeley.edu/-mocha
4. R. Alur, T.A. Henzinger and O. Kupferman, Alternating-time temporal logic, in: Compositionality -The Significant Difference, LNCS 1536, Springer-Verlag, 1999, pp. 23-60.
5. J. Bacon, K. Moody and W. Yao, A model of OASIS role-based access control and its support for active security, in: 6th ACM symposium on Access control models and technologies, Chantilly, VA, USA, ACM Press, 2001, pp. 171-181.
6. E.S. Barka, Framework for role-based delegation models, PhD thesis, George Mason University, 2002.
7. A. Belokosztolszk and K. Moody, Meta-policies for distributed role-based access control systems, in: 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02), IEEE Computer Society, 2002, p. 106.
8. R. Cavada, A. Cimatti, E. Olivetti, G. Keighren, M. Pistore and M. Roveri, NuSMV 2.2 User Manual, 2005. This document and the model checker can be obtained from http://nusmv.irst.itc.it
9. A.K. Chandra and P.M. Merlin, Optimal implementation of conjunctive queries in relational data bases, in: 9th Annual ACM Symposium on Theory of Computing, Boulder, CO, USA, ACM Press, 1977, pp. 77-90.
10. B. Chess, Improving computer security using extended static checking, in: 2002 IEEE Symposium on Security and Privacy, Washington, DC, USA, IEEE Computer Society, 2002.
11. E. Clarke, O. Grumberg, S. Jha, Y. Lu and H. Veith, Counterexample guided abstraction refinement for symbolic model checking, Journal of the ACM (JACM) 50 (2003), 752-794.
12. S.D.C. di Vimercati, S. Paraboschi and P. Samarati, Access control: principles and solutions, Software Practice and Experience 33 (2003), 397-421.
13. E.A. Emerson, Temporal and modal logic, in: Handbook of Theoretical Computer Science (vol. B): Formal Models and Semantics, MIT Press, Cambridge, MA, USA, 1991, pp. 995-1072.
14. K. Fisler, S. Krishnamurthi, L.A. Meyerovich and M.C. Tschantz, Verification and change-impact analysis of access-control policies, in: ICSE'05, St. Louis, Missouri, USA, May 2005.
15. S. Godik and X Moses, extensible Access Control Markup Language, OASIS committee, 1.1 edition, Aug 2003, Committee specification.
16. D.P. Guelev, M.D. Ryan, and P.-Y. Schobbens, Model-checking access control policies, in: 7th Information Security Conference (ISC'04), Lecture Notes in Computer Science, Springer-Verlag, 2004.
17. J.D. Guttman and A.L. Herzog, Rigorous automated network security management, International Journal of Information Security, Dec 2004.
18. J.D. Guttman, A.L. Herzog, J.D. Ramsdell and C.W. Skorupka, Verifying information flow goals in security-enhanced Linux, in: Workshop on Issues in the Theory of Security, Jan 2004.
19. J.Y. Halpern and V. Weissman, Using first-order logic to reason about policies, in: 16th IEEE Computer Security Foundations Workshop (CSFW'03), Pacific Grove, CA, 2003.
20. M.R.A. Huth and M.D. Ryan, Verification by model checking, in: Logic in Computer Science: Modelling and Reasoning about Systems, Cambridge University Press, 2nd edition, 2004, pp. 172-255, Chapter 3.
21. M.R.A. Huth and M.D. Ryan, Binary decision diagrams, in: Logic in Computer Science: Modelling and Reasoning about Systems, Cambridge University Press, 2nd edition, 2004, pp. 358-413, Chapter 6.
22. D. Jackson, Alloy: A lightweight object modelling notation, in: ACM Transactions on Software Engineering and Methodology (TOSEM), ACM Press, 2002, p. 256-290.
23. D. Jackson, Micromodels of Software: Lightweight Modelling and Analysis with Alloy, Software Design Group, MIT Lab for Computer Science, Feb 2002. This document and the tool can be obtained from http://alloy.mit.edu/
24. A. Jones and M. Sergot, On the characterisation of law and computer systems: The normative systems perspective, in: J. Meyer and R. Wieringa, eds, Deontic Logic in Computer Science. Normative system Specification, Wiley, 1993, pp. 275-307.
25. K.L. McMillan, Symbolic model checking, PhD thesis, School of Computer Science, Carnegie Mellon University, 1993.
26. R. Sandhu, Separation of duties in computerised information systems, in: IFIP WG11.3 Workshop on Database Security, Sep 1990.
27. R. Sandhu, V. Bhamidipati and Q. Munawer, The ARBAC97 model for role-based administration of roles, ACM Transactions on Information and System Security 2(1) (1999), 105-135.
28. R. Sandhu, E. Coyne, H. Feinstein and C. Youman, Role-based access control models, IEEE Computer 29(2) (1996), 38-47.
29. A. Schaad and J. Moffett, A lightweight approach to specification and analysis of role-based access control extensions, in: SACMAT'02, Monterey, California, USA, Jun 2002.
30. Sun Microsystems, Sun's XACML implementation, Aug 2003. Information about Ulis implementation can be found at http://sunxacml.sourceforge.net/
31. J. Whaley, JavaBDD: Java BDD implementation, 2004. Information about Ulis implementation can be found at http://javabdd.sourceforge.net/
32. N. Zhang, Verification of access control systems using Mocha, Master's thesis, School of Computer Science, University of Birmingham, 2002.
33. N. Zhang, AcPeg, the access control policy evaluator and generator, July 2006, The tool can. be obtained from www.cs.bham.ac.uk/~nxz or www.cs.bham.ac.uk/~mdr/research/projects/05-AccessControl
34. N. Zhang, M. Ryan and D.P. Guelev, Synthesising verified access control systems in XACML, in: 2004 ACM Workshop on Formal Methods in Security Engineering, Washington DC, USA, Oct 2004, ACM Press, pp. 56-65.
35. N. Zhang, M.D. Ryan and D.P. Guelev, Evaluating access control policies through model-checking, in: 8th Information Security Conference (ISC'05), Singapore, Sep 2005, Springer-Verlag, 2005.