Automated Detection of Information Leakage in Access Control
作者: Charles Morisset , Anderson Santana de Oliveira
DOI:
关键词:
摘要: The prevention of information flow is an important concern in several access control models. Even though this property stated the model specification, it not easy to verify actual implementation a given security policy. In paper we model-check rewrite-based implementations policies. We propose general algorithm that allows one automatically identify leakage. apply our approach well-known Bell and LaPadula show its generalization proposed by McLean does protect system against
archives-ouvertes.fr
wordpress.com 参考文章(16)
Thomas Genet, Contraintes d'ordre et automates d'arbres pour les preuves de terminaison Université Henri Poincaré - Nancy 1. ,(1998)
Terese, Term Rewriting Systems ,(2003)
Dimitar P. Guelev, Mark Ryan, Pierre Yves Schobbens, Model-Checking Access Control Policies international conference on information security. pp. 219- 230 ,(2004) , 10.1007/978-3-540-30144-8_19
J. McLean, The algebra of security ieee symposium on security and privacy. pp. 2- 7 ,(1988) , 10.1109/SECPRI.1988.8092
Peter Schneider-Kamp, Jürgen Giesl, Alexander Serebrenik, René Thiemann, Automated Termination Analysis for Logic Programs by Term Rewriting Logic-Based Program Synthesis and Transformation. pp. 177- 193 ,(2007) , 10.1007/978-3-540-71410-1_13
Emilie Balland, Paul Brauner, Radu Kopetz, Pierre-Etienne Moreau, Antoine Reilles, Tom: Piggybacking Rewriting on Java Lecture Notes in Computer Science. ,vol. 4533, pp. 36- 47 ,(2007) , 10.1007/978-3-540-73449-9_5
Steve Barker, Maribel Fernández, Term rewriting for access control Lecture Notes in Computer Science. pp. 179- 193 ,(2006) , 10.1007/11805588_13
Tobias Nipkow, Franz Baader, Term rewriting and all that ,(1998)
Daniel J. Dougherty, Kathi Fisler, Shriram Krishnamurthi, Specifying and Reasoning About Dynamic Access-Control Policies Automated Reasoning. pp. 632- 646 ,(2006) , 10.1007/11814771_51
Anderson Santana de Oliveira, Rewriting-Based Access Control Policies Electronic Notes in Theoretical Computer Science. ,vol. 171, pp. 59- 72 ,(2007) , 10.1016/J.ENTCS.2007.02.055