Skip to main content
Conference ProceedingsOPEN ACCESS

Verifying SGAC Access Control Policies: A Comparison of ProB, Alloy and Z3

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2020) 12071 LNCS 223-229
DOI: 10.1007/978-3-030-48077-6_15
1Citations
Citations of this article
4Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

This paper describes the formalisation of SGAC access control policies using Z3 and then we compare the performance with ProB and Alloy. SGAC is an attribute-based, fine-grain access control model that uses acyclic subject and resource graphs to provide rule inheritance and streamline policy specification. To ensure patient privacy and safety, four types of properties are checked: accessibility, availability, contextuality and rule effectiveness. Automatic translation of SGAC policies into each specification language has been defined. ProB offers the best verification performances, by two orders of magnitude. The performances of Alloy and Z3 are similar.

Author supplied keywords

Cite

CITATION STYLE

APA

de Azevedo Oliveira, D., & Frappier, M. (2020). Verifying SGAC Access Control Policies: A Comparison of ProB, Alloy and Z3. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 12071 LNCS, pp. 223–229). Springer. https://doi.org/10.1007/978-3-030-48077-6_15

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free