Dynamic Access Control Policies - Specification and Verification

De Montfort University Open Research Archive

dc.contributor.author Janicke, Helge en
dc.contributor.author Cau, A. (Antonio) en
dc.contributor.author Siewe, Francois en
dc.contributor.author Zedan, Hussein en
dc.date.accessioned 2012-09-18T15:03:15Z
dc.date.available 2012-09-18T15:03:15Z
dc.date.issued 2012
dc.identifier.citation Janicke, H. et al. (2012) Dynamic Access Control Policies - Specification and Verification. The Computer Journal, 56 (4), pp. 440-463
dc.identifier.uri http://hdl.handle.net/2086/7283
dc.description.abstract Security requirements deal with the protection of assets against unauthorized access (disclosure or modification) and their availability to authorized users. Temporal constraints of history-based access control policies are difficult to express naturally in traditional policy languages. We propose a compositional formal framework for the specification and verification of temporal access control policies for security critical systems in which history-based policies and other temporal constraints can be expressed. In particular, our framework allows for the specification of policies that can change dynamically in response to time or events enabling dynamic reconfiguration of the access control mechanisms. The framework utilizes a single well-defined formalism, interval temporal logic, for defining the semantics of these policies and to reason about them. We illustrate our approach with a detailed case study of an electronic paper submission system showing the compositional verification of their safety, liveness and information flow properties. en
dc.language.iso en en
dc.publisher Oxford University Press en
dc.relation.ispartofseries Computer Journal;
dc.subject access control en
dc.subject policy en
dc.subject compositional specification en
dc.subject semantics en
dc.subject verification en
dc.subject interval temporal logic en
dc.title Dynamic Access Control Policies - Specification and Verification en
dc.type Article en
dc.identifier.doi http://dx.doi.org/10.1093/comjnl/bxs102
dc.researchgroup Software Technology Research Laboratory (STRL) en
dc.peerreviewed Yes en
dc.ref2014.selected 1367395509_0410680124787_11_1

Files in this item

There are no files associated with this item.
