Static verification of security requirements in role based CSCW systems

In this paper, we present static verification of security requirements for CSCW systems using finite-state techniques, i.e., model checking. The coordination and security constraints of CSCW systems are specified using a role based collaboration model. The verification ensures completeness and consistency of the specification with respect to global requirements. We have developed several verification models to check security properties, such as task-flow constraints, information flow or confidentiality, and assignment of administrative privileges. The primary contribution of this paper is a methodology for verifying security requirements during the design of collaboration systems.
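The abstract describes checking a role based collaboration specification against global security requirements by exhaustive finite-state exploration. The following Python block is an added illustration of that idea and is not code from the paper or its authors: it builds a small, constructed document-review specification (roles, role holders, task ordering, and a separation-of-duty requirement), explores every reachable state of the collaboration, and reports both a counterexample trace when the requirement can be violated and whether the task flow can run to completion. The specification format, the function names, and the sample users and tasks are all assumptions made for this example.

```python
from collections import deque

# Constructed toy specification (assumption for this example, not the paper's
# notation): a document-review collaboration with three users and three tasks.
SPEC = {
    # user -> roles held
    "users": {"alice": {"author"}, "bob": {"reviewer"}, "carol": {"author", "reviewer"}},
    # task -> role required to perform it and tasks that must precede it
    "tasks": {
        "draft":   {"role": "author",   "after": set()},
        "review":  {"role": "reviewer", "after": {"draft"}},
        "publish": {"role": "reviewer", "after": {"review"}},
    },
    # Global requirement: the user who drafts a document must not review it.
    "sod": [("draft", "review")],
}


def with_roles(spec, user, roles):
    """Return a copy of spec in which `user` holds exactly `roles` (design variant)."""
    users = dict(spec["users"])
    users[user] = set(roles)
    return {**spec, "users": users}


def enabled(spec, done):
    """Yield (task, user) moves enabled in state `done`, a set of (task, user) pairs."""
    finished = {t for t, _ in done}
    for task, info in spec["tasks"].items():
        if task in finished or not info["after"] <= finished:
            continue
        for user, roles in spec["users"].items():
            if info["role"] in roles:
                yield task, user


def violates_sod(spec, done):
    """Return (task_a, task_b, user) if one user performed a separated pair, else None."""
    performer = dict(done)
    for a, b in spec["sod"]:
        if a in performer and b in performer and performer[a] == performer[b]:
            return (a, b, performer[a])
    return None


def trace(parent, state):
    """Rebuild the sequence of moves that reached `state` from the empty start state."""
    moves = []
    while parent[state] is not None:
        state, move = parent[state]
        moves.append(move)
    return list(reversed(moves))


def check(spec):
    """Explicit-state breadth-first exploration of every reachable collaboration state.

    Returns the first separation-of-duty violation found (with its trace) or None,
    whether a state with all tasks finished is reachable (completeness), and the
    number of distinct states visited.
    """
    start = frozenset()
    parent = {start: None}
    queue = deque([start])
    violation, complete = None, False
    all_tasks = set(spec["tasks"])
    while queue:
        state = queue.popleft()
        found = violates_sod(spec, state)
        if found and violation is None:
            violation = (found, trace(parent, state))
        if {t for t, _ in state} == all_tasks:
            complete = True
        for move in enabled(spec, state):
            nxt = state | {move}
            if nxt not in parent:
                parent[nxt] = (state, move)
                queue.append(nxt)
    return {"sod_violation": violation, "complete": complete, "states": len(parent)}


if __name__ == "__main__":
    print("original:", check(SPEC))
    print("carol as author only:", check(with_roles(SPEC, "carol", {"author"})))
    print("no reviewer at all:", check(with_roles(with_roles(SPEC, "bob", set()), "carol", set())))
```

Run as a script, the original specification yields the counterexample `draft` by carol followed by `review` by carol, because carol holds both roles; restricting carol to `author` removes the violation while keeping the flow completable, and removing every `reviewer` makes the flow incomplete (no state finishes `publish`), which is the consistency-versus-completeness tension the abstract refers to. A real verification model would track information flow and administrative role assignment as well, but the state-exploration skeleton is the same.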
