Apply model checking to security analysis in trust management

Proceedings - International Conference on Data Engineering

Volumn , Issue , 2007, Pages 734-743

  Reith, Mark ^a   Niu, Jianwei ^a   Winsborough, William H ^a  

^a UNIVERSITY OF TEXAS AT SAN ANTONIO   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COLLOIDS; GELATION; HELIUM; POLYNOMIAL APPROXIMATION; TECHNOLOGY;

CASE STUDIES; CONTAINMENT QUERIES; DATA ENGINEERING; GLOBAL POLICIES; INTERNATIONAL CONFERENCES; MODEL-CHECKING TOOLS; POLYNOMIAL-TIME ALGORITHMS; PROBLEM DOMAINS; SECURITY ANALYSIS; SMV MODEL; TRUST MANAGEMENT;

MODEL CHECKING;

EID: 48349123650     PISSN: 10844627     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICDEW.2007.4401061     Document Type: Conference Paper

References (16)

1. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In SP '96: Proceedings of the 1996 IEEE Symposium on Security and Privacy, page 164, Washington, DC, USA, 1996. IEEE Computer Society.
2. E. M. Clarke, E. A. Emerson, and A. P. Sistla. Automatic verification of finite-stale concurrent systems using temporal logic specifications. ACM Transactions on Programming Language ans Systems (TOPLAS), 8(2):244-263, 1986.
3. K. Fisler, S. Krishnamurthi, L. A. Meyerovich. and M. C. Tshchantz. Verification and change-impact analysis of access-control policies. In Proceedings of the 27th IEEE International Conference on Software Engineering (ICSE '05). pages 196-205, 2005.
4. D. Gilliam. J. Powell, and M. Bishop. Application of lightweight formal methods to software security. In Proceedings of the 14th IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2005), 2005.
5. P. Glorgini, F. Massacci, J. Mylopoulos, and N. Zannone. Modeling security requirements through ownership, permission and delegation. In Proceedings of the 13th International Conference on Requirements Engineering (RE'05), pages 167-176. IEEE Computer Society, 2005.
6. D. P. Guelev, M. Ryan, and P. Y. Schobbens. Model checking access control policies. In Proceedings of the 7th Information Security Conference, volume 3225 of Lecture Notes in Computer Science. Springer-Verlag, 2004.
7. D. Jackson and J. Wing. Lightweight formal methods, contribution to an invitation to formal methods. IEEE Computer, 29:16-30, 1996.
8. N. Li, J. C. Mitchell, and W. H. Winsborough. Design of a role-based trust management framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 114-130. IEEE Computer Society Press, May 2002.
9. N. Li, J. C. Mitchell, and W. H. Winsborough. Beyond proof-of-compliance: Security analysis in trust management. Journal of the ACM (JACM), 52(3):474-514, 2005.
10. M. J. May. C. A. Gunter, and I. Lee. Privacy APIs: Access control techniques to analyze and verify legal privacy policies. In Proceedings of the 19th IEEE Computer Security Foundations Workshop. 2006.
11. K. McMillan. Symbolic Model Checking: An Approach to the State Explosion Problem. Kluwer Academic, 1993.
12. A. Pnueli. The temporal logic of programs. In Proceedings of the 18th IEEE Symposium on Foundations of Computer Science, volume 526, pages 46-67, 1977.
13. R. S. Sandhu, E. J. Coyne, H. L. Feinsfern, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38-47, 1996.
14. A. Schaad, V. Lotz, and K. Sohr. A model checking approach to analysis organizational controls. In Proceedings of the 11th ACM Symposium on Access Control Models and Technologies (SACMAT06), pages 139-149, 2006.
15. A. P. Sistla and M. Zhou. Analysis of dynamic policies. In Proceedings of Foundations of Computer Security and Automated Reasoning for Security Protocol Analysis (FCS-ARSPA06), pages 233-262, 2006.
16. N. Zhang, M. Ryan, and D. P. Guelev. Evaluating access control policies through model checking. In Proceedings of the 8th Information Security Conference, volume 3650 of Lecture Notes in Computer Science, pages 446-460. Springer-Verlag, 2005.