Publication | Closed Access
A Role-Based Access Control Policy Verification Framework for Real-Time Systems
52
Citations
16
References
2006
Year
Unknown Venue
EngineeringInformation SecurityVerificationAuthorizationSoftware AnalysisFormal VerificationSecure Network AccessLogical Access ControlAccess ControlSystems EngineeringWorkflow SecurityAccess Control RequirementsActive DatabasesComputer ScienceSoftware DesignData SecurityFormal MethodsSecurityReal-time SystemsAuthentication Access ControlComputer Security ModelModel-driven Security
This paper presents a framework for verifying the access control requirements of real-time application systems such as workflow management systems and active databases. The temporal and event-based semantics of these applications can be expressed using event-driven role based access control (RBAC) model. Any comprehensive access control model such as RBAC requires verification and validation mechanisms to ensure the consistency of access control specification. An inconsistent access control specification exposes the underlying system to numerous vulnerabilities and security risks. In this paper, we propose a Petri-net based framework for verifying the correctness of event-driven RBAC policies.
| Year | Citations | |
|---|---|---|
Page 1
Page 1