Boosting model checking to analyse large ARBAC policies

IRIS

The administration of access control policies is a task of paramount importance for distributed systems. A crucial analysis problem is to foresee if a set of administrators can give a user an access permission. We consider this analysis problem in the context of the Administrative Role-Based Access Control (ARBAC), one of the most widespread administrative models. Given the difficulty of taking into account the effect of all possible administrative actions, automated analysis techniques are needed. In this paper, we describe how a model checker can scale up to handle very large ARBAC policies while ensuring completeness. An extensive experimentation shows that an implementation of our techniques performs significantly better than Mohawk, a recently proposed tool that has become the reference for finding errors in ARBAC policies. © Springer-Verlag Berlin Heidelberg 2013.

Boosting model checking to analyse large ARBAC policies / Ranise, S.; Truong, A.; Armando, A.. - 7783:(2013), pp. 273-288. (Intervento presentato al convegno 8th International Workshop on Security and Trust Management, STM 2012 tenutosi a Pisa, ita nel 2012) [10.1007/978-3-642-38004-4_18].

Boosting model checking to analyse large ARBAC policies

Ranise S.;Truong A.;Armando A.

2013-01-01

Abstract

The administration of access control policies is a task of paramount importance for distributed systems. A crucial analysis problem is to foresee if a set of administrators can give a user an access permission. We consider this analysis problem in the context of the Administrative Role-Based Access Control (ARBAC), one of the most widespread administrative models. Given the difficulty of taking into account the effect of all possible administrative actions, automated analysis techniques are needed. In this paper, we describe how a model checker can scale up to handle very large ARBAC policies while ensuring completeness. An extensive experimentation shows that an implementation of our techniques performs significantly better than Mohawk, a recently proposed tool that has become the reference for finding errors in ARBAC policies. © Springer-Verlag Berlin Heidelberg 2013.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
			2013
		
	Titolo del volume (Proceedings title)
	
			Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
		
	Luogo di edizione (Place of publication)
	
			Germany
		
	Casa editrice (Publisher)
	
			Springer Verlag
		
	ISBN
	
			978-3-642-38003-7
978-3-642-38004-4
		
	Codice Scopus (Scopus Identifier)
	
			2-s2.0-84893116629
		
	Tutti gli autori
	
			Ranise, S.; Truong, A.; Armando, A.
		
	Citazione
	
			Boosting model checking to analyse large ARBAC policies / Ranise, S.; Truong, A.; Armando, A.. - 7783:(2013), pp. 273-288. (Intervento presentato al  convegno 8th International Workshop on Security and Trust Management, STM 2012 tenutosi a Pisa, ita nel 2012) [10.1007/978-3-642-38004-4_18].
		
	Appare nelle tipologie:
	
			04.1 Saggio in atti di convegno (Paper in Proceedings)

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333088

Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni

ND

17

ND

social impact