A Design by Contract Approach to Verify Access Control Policies

In the security domain, access control (AC) consists of specifying who can access what, and how, using the four well-known concepts of permission, prohibition, obligation and separation of duty. In this paper, we focus on role-based access control (RBAC) models and more precisely on the verification of formal RBAC models. We propose a solution to this verification issue based on the Tamago platform. In Tamago, functional contracts can be defined with pre/post conditions and deterministic automata. The Tamago platform provides tools for static verification of these contracts, generation of test scenarios from the abstract contracts, and monitoring facilities for dynamic analyses. We have extended the platform to take AC aspects into account. AC rules, expressed in a subset of EB3SEC, a process algebra-based language, are translated into pre and post conditions of new security contracts. We have also adapted the test case generator to derive suitable test scenarios, and the monitoring framework by adding a new security component.
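As an added illustration (not the paper's or the Tamago platform's code, and not EB3SEC syntax), the following Python sketches the translation the abstract describes: permission, prohibition and separation of duty become a security precondition on each event, obligation bookkeeping becomes a postcondition, and a monitor checks both around the event. The policy structure, the role and action names, and the invoice scenario are all constructed for this example.

```python
from dataclasses import dataclass, field
@dataclass
class Policy:                 # constructed sample structure, not EB3SEC syntax
    permitted: dict           # role -> actions the role may perform
    prohibited: dict          # role -> actions the role must never perform (overrides permission)
    sod: set                  # frozenset action pairs one user may not both perform on one object
    obligations: dict         # action -> follow-up action the same user must later perform
@dataclass
class State:
    roles: dict                                  # user -> set of roles
    history: list = field(default_factory=list)  # (user, action, obj) trace kept by the monitor
    pending: set = field(default_factory=set)    # (user, action, obj) obligations not yet discharged

# Constructed invoice policy: clerks create, managers approve, nobody approves what they created.
POLICY = Policy(
    permitted={"clerk": {"create", "notify"}, "manager": {"create", "approve", "notify"}},
    prohibited={"intern": {"approve"}},
    sod={frozenset({"create", "approve"})},
    obligations={"approve": "notify"},
)
def precondition(policy, state, user, action, obj):
    """None if the event satisfies the AC rules, else the name of the violated rule."""
    roles = state.roles.get(user, set())
    if any(action in policy.prohibited.get(r, set()) for r in roles):
        return "prohibition"
    if not any(action in policy.permitted.get(r, set()) for r in roles):
        return "permission"
    if any(u == user and o == obj and frozenset({a, action}) in policy.sod for u, a, o in state.history):
        return "separation of duty"

def postcondition(policy, state, user, action, obj):
    """None if the trace and the obligation bookkeeping reflect the event."""
    if state.history[-1] != (user, action, obj):
        return "event not recorded"
    follow_up = policy.obligations.get(action)
    if follow_up and (user, follow_up, obj) not in state.pending:
        return "obligation not registered"

def perform(policy, state, user, action, obj):
    """Run one event under its security contract: check pre, apply, check post."""
    if why := precondition(policy, state, user, action, obj):
        raise PermissionError(f"pre: {user} {action} {obj}: {why}")
    state.history.append((user, action, obj))
    state.pending.discard((user, action, obj))   # this event may discharge a pending obligation
    if action in policy.obligations:
        state.pending.add((user, policy.obligations[action], obj))
    if why := postcondition(policy, state, user, action, obj):
        raise PermissionError(f"post: {user} {action} {obj}: {why}")
    return state
```

Under monitoring, a raised `PermissionError` is the alert; under test generation, the same pre/post functions decide which event sequences are valid scenarios.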
