A Verifiable Formal Specification for RBAC Model with Constraints of Separation of Duty

Chunyang Yuan, Yeping He, Jianbo He and Zhouyi Zhou

View Related Documents

Journal Article
Centralized role-based access control for federated multi-domain environments
Yu Guangcan, Li Zhengding, Li Ruixuan and Mudar Sarem
Wuhan University Journal of Natural Sciences, 2006, Volume 11, Number 6, Pages 1688-1692
- Download PDF (476.7 KB)
Book Chapter
From Formal Access Control Policies to Runtime Enforcement Aspects
Slim Kallel, Anis Charfi, Mira Mezini, Mohamed Jmaiel and Karl Klose
Lecture Notes in Computer Science, 2009, Volume 5429, Engineering Secure Software and Systems, Pages 16-31
- Download PDF (480.3 KB)
Book Chapter
A Methodology for Bridging between RBAC and an Arbitrary Application Program
Candy Wai-Yue Shum, Sylvia L. Osborn and He Wang
Lecture Notes in Computer Science, 2008, Volume 5159, Secure Data Management, Pages 199-208
- Download PDF (313.3 KB)
Book Chapter
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools
Hind Rakkay and Hanifa Boucheneb
Lecture Notes in Computer Science, 2009, Volume 5430, Transactions on Computational Science IV, Pages 149-176
- Download PDF (1.1 MB)
Book Chapter
Role Activation Management in Role Based Access Control
Richard W. C. Lui, Sherman S. M. Chow, Lucas C. K. Hui and S. M. Yiu
Lecture Notes in Computer Science, 2005, Volume 3574, Information Security and Privacy, Pages 358-369
- Download PDF (201.9 KB)
Book Chapter
Role-Based Access Control
2006, Access Control Systems, Pages 190-251
- Download PDF (2.9 MB)
Book Chapter
Study and Implementation of SELinux-Like Access Control Mechanism Based on Linux
Gaoshou Zhai and Yaodong Li
Communications in Computer and Information Science, 1, Volume 29, Advances in Security Technology, Pages 50-66
- Download PDF (426.7 KB)
Journal Article
A relational database integrity framework for access control policies
Romuald Thion and Stéphane Coulondre
Journal of Intelligent Information Systems, 2012, Volume 38, Number 1, Pages 131-159
- Download PDF (547.2 KB)
- View HTML
Book Chapter
Role-Based Access Control
Sylvia Osborn
Data-Centric Systems and Applications, 2007, Security, Privacy, and Trust in Modern Data Management, Part II, Pages 55-70
- Download PDF (211.0 KB)
Book Chapter
A Modal Logic for Role-Based Access Control
Thumrongsak Kosiyatrakul, Susan Older and Shiu-Kai Chin
Lecture Notes in Computer Science, 2005, Volume 3685, Computer Network Security, Pages 179-193
- Download PDF (495.8 KB)

Abstract

Formal method provides a way to achieve an exact and consistent definition of security for a given scenario. This paper presents a formal state-based verifiable RBAC model described with Z language, in which the state-transition functions are specified formally. Based on the separation of duty policy, the constraint rules and security theorems are constructed. Using a case study, we show how to specify and verify the consistency of formal RBAC system with theorem proving. By specifying RBAC model formally, it provides a precise description for the system security requirements. The internal consistency of this model can be validated by verification of the model.

Keywords Formal Specification - Verification - RBAC - Separation of Duty

Supported by National High-Tech Research and Development Program of China (863) under Grant No. 2002AA141080; National Natural Science Foundation of China under Grant No.60073022 and 60373054;Graduate Student Innovation Grant of Chinese Academy of Sciences.

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

A Verifiable Formal Specification for RBAC Model with Constraints of Separation of Duty

View Related Documents

Abstract

Fulltext Preview