• Login
    View Item 
    •   DORA Home
    • Faculty of Computing, Engineering and Media
    • School of Computer Science and Informatics
    • View Item
    •   DORA Home
    • Faculty of Computing, Engineering and Media
    • School of Computer Science and Informatics
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Dynamic Access Control Policies - Specification and Verification

    Thumbnail
    Date
    2012
    Author
    Janicke, Helge;
    Cau, A. (Antonio);
    Siewe, Francois;
    Zedan, Hussein
    Metadata
    Show attachments and full item record
    Abstract
    Security requirements deal with the protection of assets against unauthorized access (disclosure or modification) and their availability to authorized users. Temporal constraints of history-based access control policies are difficult to express naturally in traditional policy languages. We propose a compositional formal framework for the specification and verification of temporal access control policies for security critical systems in which history-based policies and other temporal constraints can be expressed. In particular, our framework allows for the specification of policies that can change dynamically in response to time or events enabling dynamic reconfiguration of the access control mechanisms. The framework utilizes a single well-defined formalism, interval temporal logic, for defining the semantics of these policies and to reason about them.We illustrate our approach with a detailed case study of an electronic paper submission system showing the compositional verification of their safety, liveness and information flow properties.
    Description
    Citation : Janicke, H. et al. (2012) Dynamic Access Control Policies - Specification and Verification. The Computer Journal, 56 (4), pp. 440-463
    URI
    http://hdl.handle.net/2086/7283
    DOI
    http://dx.doi.org/10.1093/comjnl/bxs102
    Research Group : Software Technology Research Laboratory (STRL)
    Research Institute : Cyber Technology Institute (CTI)
    Peer Reviewed : Yes
    Collections
    • School of Computer Science and Informatics [2967]

    Submission Guide | Reporting Guide | Reporting Tool | DMU Open Access Libguide | Take Down Policy | Connect with DORA
    DMU LIbrary
     

     

    Browse

    All of DORACommunities & CollectionsAuthorsTitlesSubjects/KeywordsResearch InstituteBy Publication DateBy Submission DateThis CollectionAuthorsTitlesSubjects/KeywordsResearch InstituteBy Publication DateBy Submission Date

    My Account

    Login

    Submission Guide | Reporting Guide | Reporting Tool | DMU Open Access Libguide | Take Down Policy | Connect with DORA
    DMU LIbrary