Show simple item record

dc.contributor.authorJanicke, Helgeen
dc.contributor.authorCau, A. (Antonio)en
dc.contributor.authorSiewe, Francoisen
dc.contributor.authorZedan, Husseinen
dc.date.accessioned2012-09-18T15:03:15Z
dc.date.available2012-09-18T15:03:15Z
dc.date.issued2012
dc.identifier.citationJanicke, H. et al. (2012) Dynamic Access Control Policies - Specification and Verification. The Computer Journal, 56 (4), pp. 440-463
dc.identifier.urihttp://hdl.handle.net/2086/7283
dc.description.abstractSecurity requirements deal with the protection of assets against unauthorized access (disclosure or modification) and their availability to authorized users. Temporal constraints of history-based access control policies are difficult to express naturally in traditional policy languages. We propose a compositional formal framework for the specification and verification of temporal access control policies for security critical systems in which history-based policies and other temporal constraints can be expressed. In particular, our framework allows for the specification of policies that can change dynamically in response to time or events enabling dynamic reconfiguration of the access control mechanisms. The framework utilizes a single well-defined formalism, interval temporal logic, for defining the semantics of these policies and to reason about them.We illustrate our approach with a detailed case study of an electronic paper submission system showing the compositional verification of their safety, liveness and information flow properties.en
dc.language.isoenen
dc.publisherOxford University Pressen
dc.relation.ispartofseriesComputer Journal;
dc.subjectaccess controlen
dc.subjectpolicyen
dc.subjectcompositional specificationen
dc.subjectsemanticsen
dc.subjectverificationen
dc.subjectinterval temporal logicen
dc.titleDynamic Access Control Policies - Specification and Verificationen
dc.typeArticleen
dc.identifier.doihttp://dx.doi.org/10.1093/comjnl/bxs102
dc.researchgroupSoftware Technology Research Laboratory (STRL)en
dc.peerreviewedYesen
dc.ref2014.selected1367395509_0410680124787_11_1
dc.researchinstituteCyber Technology Institute (CTI)en


Files in this item

FilesSizeFormatView

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record