Symbolic backward reachability with effectively propositional logic: Applications to security policy analysis

IRIS

We describe a symbolic procedure for solving the reachability problem of transition systems that use formulae of Effectively Propositional Logic to represent sets of backward reachable states. We discuss the key ideas for the mechanization of the procedure where fix-point checks are reduced to SMT problems. We also show the termination of the procedure on a sub-class of transition systems. Then, we discuss how reachability problems for this sub-class can be used to encode analysis problems of administrative policies in the Role-Based Access Control (RBAC) model that is one of the most widely adopted access control paradigms. An implementation of a refinement of the backward reachability procedure, called asasp, shows better flexibility and scalability than a state-of-the-art tool on a significant set of security problems. © 2012 Springer Science+Business Media, LLC.

Symbolic backward reachability with effectively propositional logic: Applications to security policy analysis / Ranise, S.. - In: FORMAL METHODS IN SYSTEM DESIGN. - ISSN 0925-9856. - 42:1(2013), pp. 24-45. [10.1007/s10703-012-0157-1]

Symbolic backward reachability with effectively propositional logic: Applications to security policy analysis

Ranise S.

2013-01-01

Abstract

We describe a symbolic procedure for solving the reachability problem of transition systems that use formulae of Effectively Propositional Logic to represent sets of backward reachable states. We discuss the key ideas for the mechanization of the procedure where fix-point checks are reduced to SMT problems. We also show the termination of the procedure on a sub-class of transition systems. Then, we discuss how reachability problems for this sub-class can be used to encode analysis problems of administrative policies in the Role-Based Access Control (RBAC) model that is one of the most widely adopted access control paradigms. An implementation of a refinement of the backward reachability procedure, called asasp, shows better flexibility and scalability than a state-of-the-art tool on a significant set of security problems. © 2012 Springer Science+Business Media, LLC.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
				2013
			
	Titolo del periodico (Journal title)
	
				FORMAL METHODS IN SYSTEM DESIGN
			
	Numero e parte del fascicolo (Issue number and part)
	
				1
			
	DOI
	
				https://dx.doi.org/10.1007/s10703-012-0157-1
			
	Codice Scopus (Scopus identifier)
	
				2-s2.0-84872416878
			
	Codice WOS (WOS identifier)
	
				WOS:000313365300003
			
	Tutti gli autori
	
						Ranise, S.
					
	Citazione
	
				Symbolic backward reachability with effectively propositional logic: Applications to security policy analysis / Ranise, S.. - In: FORMAL METHODS IN SYSTEM DESIGN. - ISSN 0925-9856. - 42:1(2013), pp. 24-45. [10.1007/s10703-012-0157-1]
			
	Appare nelle tipologie:
	
				03.1 Articolo su rivista (Journal article)

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333320

Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni

ND

8

6

social impact