Synthesising verified access control systems through model checking

Zhang, Nan; Ryan, Mark; Guelev, Dimitar P.

doi:10.3233/jcs-2008-16101

Cited by 41 publications

(26 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their approach is limited in modeling knowledge gained by the interaction of agents in a multi-agent system. RW framework [2] has the most similar approach with ours. The transition system in RW is build over the knowledge of the active coalition of agents.…”

Section: Related Workmentioning

confidence: 97%

“…They also allow controlling access to the data based on the user roles. In such multi-agent systems, access to the data is regulated by dynamic access control policies, which are a class of authorization rules that the permissions for an agent depend on the state of the system and change when agents interact with the system [1][2][3]. In complicated access control scenarios, there is always a risk that some required properties do not hold in the system.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Model Checking Agent Knowledge in Dynamic Access Control Policies

Koleini

Ritter

Ryan

2013

Tools and Algorithms for the Construction and Analysis of Systems

Self Cite

View full text Add to dashboard Cite

Abstract. In this paper, we develop a modeling technique based on interpreted systems in order to verify temporal-epistemic properties over access control policies. This approach enables us to detect information flow vulnerabilities in dynamic policies by verifying the knowledge of the agents gained by both reading and reasoning about system information. To overcome the practical limitations of state explosion in model-checking temporal-epistemic properties, we introduce a novel abstraction and refinement technique for temporal-epistemic safety properties in ACTLK (ACTL with knowledge modality K) and a class of interesting properties that does fall in this category.

show abstract

Section: Related Workmentioning

confidence: 97%

Section: Introductionmentioning

confidence: 99%

Model Checking Agent Knowledge in Dynamic Access Control Policies

Koleini

Ritter

Ryan

2013

Tools and Algorithms for the Construction and Analysis of Systems

Self Cite

View full text Add to dashboard Cite

show abstract

“…For instance, Zhang et al [31] propose RW (Read and Write), a formalism based on propositional logic, for the specification of access control policies. Based on this formalism, they employ symbolic model-checking to verify properties against a policy model expressed in RW.…”

Section: Related Workmentioning

confidence: 99%

Analysis of XACML Policies with SMT

Türkmen

Hartog

Ranise

et al. 2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The eXtensible Access Control Markup Language (XACML) is an extensible and flexible XML language for the specification of access control policies. However, the richness and flexibility of the language (along with the verbose syntax of XML) come with a price: errors are easy to make and difficult to detect when policies grow in size. If these errors are not detected and rectified, they can result in serious data leakage and/or privacy violations leading to significant legal and financial consequences. To assist policy authors in the analysis of their policies, several policy analysis tools have been proposed based on different underlying formalisms. However, most of these tools either abstract away functions over non-Boolean domains (hence they cannot provide information about them) or produce very large encodings which hinder the performance. In this paper, we present a generic policy analysis framework that employs SMT as the underlying reasoning mechanism. The use of SMT does not only allow more fine-grained analysis of policies but also improves the performance. We demonstrate that a wide range of security properties proposed in the literature can be easily modeled within the framework. A prototype implementation and its evaluation are also provided.

show abstract

“…Zhang et al [40,41,42] provide a model checking algorithm for evaluating access control systems and present the computational complexity of the algorithm. This approach can be used to detect, in an access control policy, errors caused by the interactions of policy rules and coalitions among multiple agents.…”

Section: Other Access Control Verification Techniquesmentioning

confidence: 99%

Formal verification of security properties in trust management policy

Niu

Reith

Winsborough

2014

JCS

View full text Add to dashboard Cite

Trust management is a scalable form of access control that relies heavily on delegation. Different parts of the policy are under the control of different principals in the system. While these two characteristics may be necessary in large or decentralized systems, they make it difficult to anticipate how policy changes made by others will affect whether ones own security objectives are met and will continue to be met in the future. Automated analysis tools are needed for assessing this question. The article develops techniques that support the development of tools that nevertheless are able to solve many analysis problem instances. When an access control policy fails to satisfy desired security objectives, the tools provide information about how and why the failure occurs. Such information can assist policy authors design appropriate policies. The approach to performing the analyses is based on model checking. To assist in making the approach effective, a collection of reduction techniques is introduced. We prove the correctness of these reductions and empirically evaluate their effectiveness. While the class of analysis problem instances we examine is generally intractable, we find that our reduction techniques are often able to reduce some problem instances into a form that can be automatically verified.

show abstract

Synthesising verified access control systems through model checking

Cited by 41 publications

References 31 publications

Model Checking Agent Knowledge in Dynamic Access Control Policies

Model Checking Agent Knowledge in Dynamic Access Control Policies

Analysis of XACML Policies with SMT

Formal verification of security properties in trust management policy

Contact Info

Product

Resources

About