Skip to main content
Conference Proceedings

Conformance checking of RBAC policy and its implementation

Lecture Notes in Computer Science (2005) 3439 144-155
DOI: 10.1007/978-3-540-31979-5_13
25Citations
Citations of this article
18Readers
Mendeley users who have this article in their library.
Get full text

Abstract

The purpose a security policy is to specify rules to govern access to system resources preferably without considering implementation details. Both policy and its implementation might be altered, and after introducing changes, it is not obvious that they are consistent. Therefore, we need to validate conformance between policy and its implementation. In this paper we describe an approach based on finite-model checking to verify that a RBAC implementation conforms to a security policy. We make use of the model-checking system SPIN, and show how to express RBAC policy constraints by means of LTL and how to model an RBAC implementation in SPIN's internal modeling language PROMELA. © Springer-Verlag Berlin Heidelberg 2005.

Cite

CITATION STYLE

APA

Hansen, F., & Oleshchuk, V. (2005). Conformance checking of RBAC policy and its implementation. In Lecture Notes in Computer Science (Vol. 3439, pp. 144–155). Springer Verlag. https://doi.org/10.1007/978-3-540-31979-5_13

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free