Verification of Spatio-Temporal Role Based Access Control using Timed Automata

2012 IEEE 3rd International Conference on Networked Embedded Systems for Every Application (NESEA) Pub Date : 2012-12-13 DOI:10.1109/NESEA.2012.6474023

Emsaieb Geepalla, B. Bordbar, Kozo Okano

{"title":"Verification of Spatio-Temporal Role Based Access Control using Timed Automata","authors":"Emsaieb Geepalla, B. Bordbar, Kozo Okano","doi":"10.1109/NESEA.2012.6474023","DOIUrl":null,"url":null,"abstract":"The verification of Spatio-Temporal Role Based Access Control policies (STRBAC) during the early development life cycle improves the security of the software. It helps to identify inconsistencies in the Access Control policies before proceeding to other phases where the cost of fixing defects is augmented. This paper proposes a formal method for an automatic analysis of STRBAC policies. It ensures that the policies are consistent and conflict-free. The method proposed in this paper makes the use of Timed Automata to verify the STRBAC policies. This is done by translating the STRBAC model into Timed Automata, and then the produced Timed Automata is implemented and verified using the model checker UPPAAL. This paper presents a security query expressed using TCTL to detect inconsistency caused due to the interaction between STRBAC policies. With the help of an example, this paper shows how we convert STRBAC model to Timed Automata models and verify the resulting models using the UPPAAL to identify an erroneous design.","PeriodicalId":245642,"journal":{"name":"2012 IEEE 3rd International Conference on Networked Embedded Systems for Every Application (NESEA)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE 3rd International Conference on Networked Embedded Systems for Every Application (NESEA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NESEA.2012.6474023","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

The verification of Spatio-Temporal Role Based Access Control policies (STRBAC) during the early development life cycle improves the security of the software. It helps to identify inconsistencies in the Access Control policies before proceeding to other phases where the cost of fixing defects is augmented. This paper proposes a formal method for an automatic analysis of STRBAC policies. It ensures that the policies are consistent and conflict-free. The method proposed in this paper makes the use of Timed Automata to verify the STRBAC policies. This is done by translating the STRBAC model into Timed Automata, and then the produced Timed Automata is implemented and verified using the model checker UPPAAL. This paper presents a security query expressed using TCTL to detect inconsistency caused due to the interaction between STRBAC policies. With the help of an example, this paper shows how we convert STRBAC model to Timed Automata models and verify the resulting models using the UPPAAL to identify an erroneous design.

查看原文本刊更多论文

基于时空角色的时间自动机访问控制验证

在开发生命周期早期对基于时空角色的访问控制策略(STRBAC)进行验证，可以提高软件的安全性。在进入修复缺陷的成本增加的其他阶段之前，它有助于识别访问控制策略中的不一致之处。本文提出了一种自动分析STRBAC策略的形式化方法。它确保了策略的一致性和无冲突性。本文提出的方法是利用时间自动机来验证STRBAC策略。这是通过将STRBAC模型转换为时间自动机来完成的，然后使用模型检查器UPPAAL实现并验证生成的时间自动机。本文提出了一种使用TCTL表达的安全查询，用于检测由于STRBAC策略之间的交互而引起的不一致。通过一个例子，本文展示了如何将STRBAC模型转换为时间自动机模型，并使用UPPAAL验证结果模型以识别错误的设计。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2012 IEEE 3rd International Conference on Networked Embedded Systems for Every Application (NESEA)

自引率

0.00%

发文量