Weaving rewrite-based access control policies

FMSE'07 - Proceedings of the 2007 ACM Workshop on Formal Methods in Security Engineering

Volumn , Issue , 2007, Pages 71-80

  De Oliveira, Anderson Santana ^a   Wang, Eric Ke ^b   Kirchner, Claude ^a   Kirchner, Helene ^a  

^a LORIA   (France)

^b UNIVERSITY OF HONG KONG   (Hong Kong)

Author keywords

Access control; Aspect oriented programming; Execution monitoring; Strategic rewriting; Term rewriting

Indexed keywords

ACCESS CONTROL POLICIES; ASPECT-ORIENTED PROGRAMMING; DYNAMIC ACCESS CONTROL; DYNAMIC POLICY; EXECUTION MONITORING; FORMAL PROPERTIES; HIGH LEVEL DESCRIPTION; LARGE SYSTEM; REFERENCE MONITORS; SECURITY GOALS; SYSTEMATIC METHODOLOGY; SYSTEMATIC PROCESS; TERM REWRITING; TERM REWRITING SYSTEMS; TEST CASE;

COMPUTER SYSTEMS PROGRAMMING; FORMAL LOGIC; FORMAL METHODS; SECURITY SYSTEMS; WEAVING;

ACCESS CONTROL;

EID: 62849128528     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1314436.1314446     Document Type: Conference Paper

References (28)

1. P. Avgustinov, A. S. Christensen, L. Hendren, S. Kuzins, J. Lhoták, O. Lhoták, O. de Moor, D. Sereni, G. Sittampalam, and J. Tibble. Optimising aspectj. In PLDI '05: Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation, pages 117-128, New York, NY, USA, 2005. ACM Press.
2. E. Balland, P. Brauner, R. Kopetz, P.-E. Moreau, and A. Reilles. Tom: Piggybacking rewriting on java. In Proceedings of the 18th Conference on Rewriting Techniques and Applications, volume 4533 of Lecture Notes in Computer Science, pages 36-47. Springer-Verlag, 2007.
3. E. Balland, C. Kirchner, and P.-E. Moreau. Formal Islands. In M. Johnson and V. Vene, editors, AMAST, Kuressaare (Estonia), volume 4019 of Lecture Notes in Computer Science, pages 51-65. Springer-Verlag, July 2006.
4. E. Balland and P.-E. Moreau. Optimizing pattern matching compilation by program transformation. In J.-M. Favre, R. Heckel, and T. Mens, editors, 3rd Workshop on Software Evolution through Transformations (SeTra'06). Electronic Communications of EASST, 2006. To appear.
5. S. Barker and M. Fernández. Term rewriting for access control. In E. Damiani and P. Liu, editors, DBSec, volume 4127 of Lecture Notes in Computer Science, pages 179-193. Springer, 2006.
6. L. Bauer, J. Ligatti, and D. Walker. Composing security policies with polymer. In PLDI '05: Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation, pages 305-314, New York, NY, USA, 2005. ACM Press.
7. P. A. Bonatti, N. Shahmehri, C. Duma, D. Olmedilla, W. Nejdl, M. Baldoni, C. Baroglio, A. Martelli, V. Patti, P. Coraggio, G. Antoniou, J. Peer, and N. E. Fuchs. Rule-based policy specification: State of the art and future work. Deliverable I2/D1, REWERSE, 2004.
8. F. Cuppens, N. Cuppens-Boulahia, and T. Ramard. Availability enforcement by obligations and aspects identification. In ARES, pages 229-239. IEEE Computer Society, 2006.
9. S. D. C. di Vimercati, P. Samarati, and S. Jajodia. Policies, models, and languages for access control. In S. Bhalla, editor, DNIS, volume 3433 of Lecture Notes in Computer Science, pages 225-237. Springer, 2005.
10. D. J. Dougherty, K. Fisler, and S. Krishnamurthi. Specifying and reasoning about dynamic access-control policies. In U. Furbach and N. Shankar, editors, IJCAR, volume 4130 of Lecture Notes in Computer Science, pages 632-646. Springer, 2006.
11. D. J. Dougherty, C. Kirchner, H. Kirchner, and A. Santana de Oliveira. Modular access control via strategic rewriting. ESORICS, volume 4734 of Lecture Notes in Computer Science, pages 578-593. Springer, 2007.
12. U. Erlingsson and F. B. Schneider. Sasi enforcement of security policies: a retrospective. In NSPW '99: Proceedings of the 1999 workshop on New security paradigms, pages 87-95, New York, NY, USA, 2000. ACM Press.
13. D. Evans and A. Twyman, editors. Flexible Policy-Directed Code Safety, IEEE Symposium on Security and Privacy, 1999. IEEE Computer Society, 1999.
14. J. Giesl, R. Thiemann, P. Schneider-Kamp, and S. Falke. Automated termination proofs with AProVE. In V. van Oostrom, editor, RTA, volume 3091 of Lecture Notes in Computer Science, pages 210-220. Springer, 2004.
15. K. Hamlen. Security Policy Enforcement By automated Program-Rewriting. Phd thesis, Cornell University, 2006.
16. S. Jajodia, P. Samarati, M. L. Sapino, and V. S. Subrahmanian. Flexible support for multiple access control policies. ACM Trans. Database Syst., 26 (2):214-260, 2001.
17. A. Kalam, R. Baida, P. Balbiani, S. Benferhat, F. Cuppens, Y. Deswarte, A. Miege, C. Saurel, and G. Trouessin. Organization based access control. Policies for Distributed Systems and Networks, 2003. Proceedings. POLICY 2003. IEEE 4th International Workshop on, pages 120-131, 2003.
18. G. Kiczales, E. Hilsdale, J. Hugunin, M. Kersten, J. Palm, and W. G. Griswold. An overview of aspectj. In J. L. Knudsen, editor, ECOOP, volume 2072 of Lecture Notes in Computer Science, pages 327-353. Springer, 2001.
19. G. Kiczales, J. Lamping, A. Mendhekar, C. Maeda, C. V. Lopes, J.-M. Loingtier, and J. Irwin. Aspect-oriented programming. In ECOOP, pages 220-242, 1997.
20. C. Kirchner, P.-E. Moreau, and A. Reilles. Formal validation of pattern matching code. In P. Barahona and A. P. Felty, editors, PPDP, pages 187-197. ACM, 2005.
21. B. Lampson. Protection. ACM Operating Systems Review. Vol, 8:18-24, 1974.
22. J. Ligatti, L. Bauer, and D. Walker. Enforcing non-safety security policies with program monitors. In S. D. C. di Vimercati, P. F. Syverson, and D. Gollmann, editors, ESORICS, volume 3679 of Lecture Notes in Computer Science, pages 355-373. Springer, 2005.
23. C. Morisset and A. Santana de Oliveira. Automated detection of information leakage in access control. In M. Nesi and R. Treinen, editors, Preliminary Proceedings of the 2nd International Workshop on Security and Rewriting Techniques (SecReT'07), Paris, France, July 2007.
24. A. Reilles. Canonical abstract syntax trees. Electr. Notes Theor. Comput. Sci., 176:165-179, 2007.
25. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. Computer, 29 (2):38-47, 1996.
26. A. Santana de Oliveira. Rewriting-based access control policies. Electr. Notes Theor. Comput. Sci., 171:59-72, 2007.
27. F. B. Schneider. Enforceable security policies. ACM Trans. Inf. Syst. Secur., 3 (1):30-50, 2000.
28. E. Song, R. Reddy, R. B. France, I. Ray, G. Georg, and R. Alexander. Verifiable composition of access control and application features. In E. Ferrari and G.-J. Ahn, editors, SACMAT, pages 120-129. ACM, 2005.