Modelling and verifying dynamic access control policies using knowledge-based model checking
作者: Hasan Najib Yousif Qunoo
DOI:
关键词:
摘要: This thesis advances the modelling and verification of access control policies by using automated knowledge-based symbolic model checking techniques. The key contributions this are threefold: firstly, a language that expresses dynamic with compound actions update multiple variables; secondly, algorithm verifies properties over an policy has actions; finally, tool, called X-Policy, which implements algorithm. This research enables us to verify for web-based collaborative systems. We analyse number conference management systems their security properties. propose appropriate modifications rectify when possible. Ultimately, will allow more help avoid current situation.
bl.uk参考文章(80)
Nan Zhang, Mark Ryan, Dimitar P. Guelev, Synthesising verified access control systems through model checking Journal of Computer Security. ,vol. 16, pp. 1- 61 ,(2008) , 10.3233/JCS-2008-16101
J. DeTreville, Binder, a logic-based security language ieee symposium on security and privacy. pp. 105- 113 ,(2002) , 10.1109/SECPRI.2002.1004365
M. Abadi, Logic in access control logic in computer science. pp. 228- 233 ,(2003) , 10.1109/LICS.2003.1210062
Qun Ni, Elisa Bertino, Jorge Lobo, D-algebra for composing access control policy decisions Proceedings of the 4th International Symposium on Information, Computer, and Communications Security - ASIACCS '09. pp. 298- 309 ,(2009) , 10.1145/1533057.1533097
Martín Abadi, Michael Burrows, Butler Lampson, Gordon Plotkin, A calculus for access control in distributed systems ACM Transactions on Programming Languages and Systems. ,vol. 15, pp. 706- 734 ,(1993) , 10.1145/155183.155225
D. Elliott Bell, Leonard J. La Padula, Secure Computer System: Unified Exposition and Multics Interpretation Defense Technical Information Center. ,(1976) , 10.21236/ADA023588
Anthony J. Bonner, Michael Kifer, An overview of transaction logic Theoretical Computer Science. ,vol. 133, pp. 205- 265 ,(1994) , 10.1016/0304-3975(94)90190-2
R.S. Sandhu, P. Samarati, Access control: principle and practice IEEE Communications Magazine. ,vol. 32, pp. 40- 48 ,(1994) , 10.1109/35.312842
Ravi Sandhu, Venkata Bhamidipati, Qamar Munawer, The ARBAC97 model for role-based administration of roles ACM Transactions on Information and System Security. ,vol. 2, pp. 105- 135 ,(1999) , 10.1145/300830.300839
Carl A. Gunter, Trevor Jim, Generalized certificate revocation symposium on principles of programming languages. pp. 316- 329 ,(2000) , 10.1145/325694.325736