The administration of access control policies is a task of paramount importance for distributed systems. A crucial analysis problem is to foresee if a set of administrators can give a user an access permission. We consider this analysis problem in the context of the Administrative Role-Based Access Control (ARBAC), one of the most widespread administrative models. Given the difficulty of taking into account the effect of all possible administrative actions, automated analysis techniques are needed. In this paper, we describe how a model checker can scale up to handle very large ARBAC policies while ensuring completeness. An extensive experimentation shows that an implementation of our techniques performs significantly better than Mohawk, a recently proposed tool that has become the reference for finding errors in ARBAC policies. © Springer-Verlag Berlin Heidelberg 2013.
Boosting model checking to analyse large ARBAC policies / Ranise, S.; Truong, A.; Armando, A. - 7783:(2013), pp. 273-288. (Paper presented at the 8th International Workshop on Security and Trust Management, STM 2012, held in Pisa, Italy, in 2012) [10.1007/978-3-642-38004-4_18].
Boosting model checking to analyse large ARBAC policies
Ranise S.;
2013-01-01