Automatic Conformance Checking of Role-Based Access Control Policies via Alloy

Access control policies are a crucial aspect of many security-critical software systems. It is generally accepted that the construction of access control policies is not a straightforward task. Further, any mistakes in the process have the potential to give rise both to security risks, due to the provision of inappropriate access, and to frustration on the part of legitimate end-users when they are prevented from performing essential tasks. In this paper we describe a tool for constructing role-based access control (RBAC) policies, which are automatically checked for conformance with constraints described using predicate logic. These constraints may represent general healthiness conditions that should hold of all policies conforming to a general model, or capture requirements pertaining to a particular deployment.
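The approach the abstract describes, shown as an added illustration rather than the paper's own tool or model: an RBAC policy encoded as Alloy relations, a general healthiness condition written as a fact, and a deployment-specific separation-of-duty requirement written as a predicate, with an assertion the Alloy Analyzer refutes. All signature, field and role names here are assumptions, not taken from the paper.

```alloy
-- Added example, not the paper's tool: an RBAC policy modelled as Alloy
-- relations, with one general healthiness condition and one deployment-
-- specific separation-of-duty requirement expressed in predicate logic.
sig User {}
sig Permission {}
sig Role {
  assigned : set User,        -- UA: users directly assigned this role
  grants   : set Permission,  -- PA: permissions directly granted by this role
  inherits : set Role         -- RH: junior roles whose permissions this role inherits
}
-- Two deployment-specific roles that must never be held by the same user.
one sig Requester, Approver extends Role {}

-- Users who hold r, either directly or through a role senior to r.
fun holders[r : Role] : set User { ((*inherits).r).assigned }
-- Permissions available to r, either directly or inherited from juniors.
fun effective[r : Role] : set Permission { (r.*inherits).grants }

-- Healthiness conditions that every well-formed policy must satisfy.
fact Healthiness {
  no r : Role | r in r.^inherits      -- the role hierarchy is acyclic
  all p : Permission | some grants.p  -- every permission is granted by some role
}

-- Deployment requirement: static separation of duty between the two roles,
-- taking the role hierarchy into account.
pred SoD { no (holders[Requester] & holders[Approver]) }

-- A weaker constraint a policy author might write first, over direct assignment only.
pred DirectSoD { no (Requester.assigned & Approver.assigned) }

-- Claim to check: constraining direct assignment is enough. The analyzer
-- refutes it with a policy in which a third role inherits both Requester and
-- Approver and is assigned to a user, so that user holds both roles.
assert DirectSuffices { DirectSoD implies SoD }
check DirectSuffices for 4

-- Exhibit a conforming policy in which an approver has at least one permission.
run { SoD and some effective[Approver] } for 4
```

Running `check DirectSuffices` in the Alloy Analyzer produces a counterexample instance, which is the kind of automatic conformance feedback the abstract refers to; `run` shows a policy that does satisfy both the healthiness fact and the deployment constraint.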
