Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving

IRIS

Administrative Role Based Access Control (ARBAC) is one of the most widespread framework for the management of access-control policies. Several automated analysis techniques have been proposed to help maintaining desirable security properties of ARBAC policies. One of the main limitation of available analysis techniques is that the set of users is bounded. In this paper, we propose a symbolic framework to overcome this limitation. We design an automated analysis technique that can handle both a bounded and an unbounded number of users by adapting recent methods for the symbolic model checking of infinite state systems that use first-order logic and SMT solving techniques. An extensive experimental evaluation confirms the scalability of the proposed technique. © 2012 - IOS Press and the authors. All rights reserved.

Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving / Armando, A.; Ranise, S.. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 20:4(2012), pp. 309-352. [10.3233/JCS-2012-0461]

Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving

Armando A.;Ranise S.

2012-01-01

Abstract

Administrative Role Based Access Control (ARBAC) is one of the most widespread framework for the management of access-control policies. Several automated analysis techniques have been proposed to help maintaining desirable security properties of ARBAC policies. One of the main limitation of available analysis techniques is that the set of users is bounded. In this paper, we propose a symbolic framework to overcome this limitation. We design an automated analysis technique that can handle both a bounded and an unbounded number of users by adapting recent methods for the symbolic model checking of infinite state systems that use first-order logic and SMT solving techniques. An extensive experimental evaluation confirms the scalability of the proposed technique. © 2012 - IOS Press and the authors. All rights reserved.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
				2012
			
	Titolo del periodico (Journal title)
	
				JOURNAL OF COMPUTER SECURITY
			
	Numero e parte del fascicolo (Issue number and part)
	
				4
			
	DOI
	
				https://dx.doi.org/10.3233/JCS-2012-0461
			
	Codice Scopus (Scopus identifier)
	
				2-s2.0-84867158206
			
	Tutti gli autori
	
						Armando, A.; Ranise, S.
					
	Citazione
	
				Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving / Armando, A.; Ranise, S.. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 20:4(2012), pp. 309-352. [10.3233/JCS-2012-0461]
			
	Appare nelle tipologie:
	
				03.1 Articolo su rivista (Journal article)

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333264

Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni

ND

16

ND

social impact