Abstract
Typically, access control policies are either static or depend on independently maintained external state to achieve some notion of dynamism. While it is possible to fully verify the properties of static policies, any reference to external state will necessarily limit the scope of such verification. In this paper we explore the feasibility of describing self-modifying policies which contain both rules for granting access and rules for the modification of the policy. Policy level constraints are used to define validity. Using these constraints it becomes possible to verify both the current state of the policy and any possible future states. A working prototype is described which utilises a relational model finder to perform the verification. The prototype is capable of generating instances of failure cases and presenting them via a simple user interface. © 2009 Springer Berlin Heidelberg.
Cite
CITATION STYLE
Power, D., Slaymaker, M., & Simpson, A. (2009). On the construction and verification of self-modifying access control policies. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5776 LNCS, pp. 107–121). https://doi.org/10.1007/978-3-642-04219-5_7
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
