Skip to main content
Conference Proceedings

Integration of security policy into system modeling

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2006) 4355 LNCS 232-247
DOI: 10.1007/11955757_19
13Citations
Citations of this article
5Readers
Mendeley users who have this article in their library.
Get full text

Abstract

We address the proof-based development of (system) models satisfying a security policy. The security policy is expressed in a model called OrBAC, which allows one to state permissions and prohibitions on actions and activities and belongs to the family of role-based access control formalisms. The main question is to validate the link between the security policy expressed in OrBAC and the resulting system; a first abstract B model is derived from the OrBAC specification of the security policy and then the model is refined to introduce properties that can be expressed in OrBAC. The refinement guarantees that the resulting B (system) model satisfies the security policy. We present a generic development of a system with respect to a security policy and it can be instantiated later for a given security policy.

Author supplied keywords

Cite

CITATION STYLE

APA

Benaïssa, N., Cansell, D., & Méry, D. (2006). Integration of security policy into system modeling. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4355 LNCS, pp. 232–247). Springer Verlag. https://doi.org/10.1007/11955757_19

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free