Abductive Analysis of Administrative Policies in Rule-Based Access Control

IEEE Transactions on Dependable and Secure Computing

Volumn 11, Issue 5, 2014, Pages 412-424

  Gupta, Puneet ^a   Stoller, Scott D ^b   Xu, Zhongyuan ^b  

^a GOOGLE INC   (United States)

^b Stony Brook University   (United States)

Author keywords

attribute based access control; policy administration; policy verification; rule based policy; Security policy

Indexed keywords

COMPUTATION THEORY; ELECTRICAL ENGINEERING;

ATTRIBUTE BASED ACCESS CONTROL; POLICY ADMINISTRATIONS; POLICY VERIFICATION; RULE-BASED POLICIES; SECURITY POLICY;

ACCESS CONTROL;

EID: 84934756449     PISSN: 15455971     EISSN: 19410018     Source Type: Journal    
DOI: 10.1109/TDSC.2013.42     Document Type: Article

References (17)

1. R. Sandhu, E. Coyne, H. Feinstein, and C. Youman, "Role-Based Access Control Models," Computer, vol. 29, no. 2, pp. 38-47, Feb. 1996.
2. R. Sandhu, V. Bhamidipati, and Q. Munawer, "The ARBAC97 Model for Role-Based Administration of Roles," ACM Trans. Information and Systems Security, vol. 2, no. 1, pp. 105-135, Feb. 1999.
3. N. Li and M.V. Tripunitara, "Security Analysis in Role-Based Access Control," ACM Trans. Information and System Security, vol. 9, no. 4, pp. 391-420, Nov. 2006.
4. S.D. Stoller, P. Yang, C.R. Ramakrishnan, and M.I. Gofman, "Efficient Policy Analysis for Administrative Role Based Access Control," Proc. 14th ACM Conf. Computer and Comm. Security (CCS), 2007.
5. A. Sasturkar, P. Yang, S.D. Stoller, and C.R. Ramakrishnan, "Policy Analysis for Administrative Role Based Access Control," Theoretical Computer Science, vol. 412, no. 44, pp. 6208-6234, Oct. 2011.
6. S.D. Stoller, P. Yang, M. Gofman, and C.R. Ramakrishnan, "Symbolic Reachability Analysis for Parameterized Administrative Role Based Access Control," Computers & Security, vol. 30, no. 2/3, pp. 148-164, Mar.-May 2011.
7. M.Y. Becker, "Specification and Analysis of Dynamic Authorisation Policies," Proc. 22nd IEEE Computer Security Foundations Symposium (CSF), pp. 203-217, 2009.
8. R. Craven, J. Lobo, J. Ma, A. Russo, E. Lupu, and A. Bandara, "Expressive Policy Analysis with Enhanced System Dynamicity," Proc. Fourth Int'l Symp. Information, Computer, and Comm. Security (ASIACCS), pp. 239-250, 2009.
9. M.Y. Becker and S. Nanz, "A Logic for State-Modifying Authorization Policies," ACM Trans. Information and System Security, vol. 13, no. 3, article 20, 2010.
10. M.Y. Becker and S. Nanz, "The Role of Abduction in Declarative Authorization Policies," Proc. 10th Int'l Conf. Practical Aspects of Declarative Languages (PADL '08), ser. Lecture Notes in Computer Science, vol. 4902, pp. 84-99, 2008.
11. M.Y. Becker, J.F. Mackay, and B. Dillaway, "Abductive Authorization Credential Gathering," Proc. IEEE Int'l Symp. Policies for Distributed Systems and Networks (POLICY), pp. 1-8, July 2009.
12. P. Gupta, S.D. Stoller, and Z. Xu, "Abductive Analysis of Administrative Policies in Rule-Based Access Control," Proc. Seventh Int'l Conf. Information Systems Security (ICISS '11), pp. 116-130, Dec. 2011.
13. F.B. Schneider, On Concurrent Programming. Springer, 1997.
14. E.M. Reingold, J. Nievergelt, and N. Deo, Combinatorial Algorithms: Theory and Practice. Prentice-Hall, 1977.
15. P. Gupta, Abductive Analysis of Administrative Policies in Rule-Based Access Control. Stony Brook Univ., Dec. 2011.
16. M.Y. Becker and S. Nanz, "A Logic for State-Modifying Authorization Policies," Proc. 12th European Symp. Research in Computer Security (ESORICS), pp. 203-218, 2007.
17. M. Barletta, S. Ranise, and L. Vigano, "Automated Analysis of Scenario-Based Specifications of Distributed Access Control Policies with Non-Mechanizable Activities," Proc. Eighth Int'l Workshop Security and Trust Management (STM), pp. 49-64, 2012.