Kallel, Slim ; Charfi, Anis ; Mezini, Mira ; Jmaiel, Mohamed (2008)
Aspect-based Enforcement of Formal Delegation Policies.
Third International Conference on Risks and Security of Internet and Systems (CRiSIS '08). Tozeur, Tunisia (28.-30. Okt. 2008)
doi: 10.1109/CRISIS.2008.4757459
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Delegation is a powerful concept in access control systems, which allows users to assign all or part of their permissions to other users. Several types of delegation models for role-based access control have been proposed so far. However, most existing works focus on the specification of delegation policies and there is very little work on the monitoring and enforcement of such policies at runtime. In this paper, we use a security approach combining formal methods and aspect-oriented programming for specifying and enforcing delegation policies. In our approach, delegation models and their characteristics are specified formally using TemporalZ, which is a combination of Z notation and temporal logic. Then, we verify the formal specification to ensure consistency using theorem proving. Finally, we generate automatically a set of aspects in the aspect-oriented language ALPHA from the TemporalZ specifications. These aspects enforce the specified delegation policies at runtime.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2008 |
| Autor(en): | Kallel, Slim ; Charfi, Anis ; Mezini, Mira ; Jmaiel, Mohamed |
| Art des Eintrags: | Bibliographie |
| Titel: | Aspect-based Enforcement of Formal Delegation Policies |
| Sprache: | Englisch |
| Publikationsjahr: | Oktober 2008 |
| Verlag: | IEEE |
| Veranstaltungstitel: | Third International Conference on Risks and Security of Internet and Systems (CRiSIS '08) |
| Veranstaltungsort: | Tozeur, Tunisia |
| Veranstaltungsdatum: | 28.-30. Okt. 2008 |
| DOI: | 10.1109/CRISIS.2008.4757459 |
| Kurzbeschreibung (Abstract): | Delegation is a powerful concept in access control systems, which allows users to assign all or part of their permissions to other users. Several types of delegation models for role-based access control have been proposed so far. However, most existing works focus on the specification of delegation policies and there is very little work on the monitoring and enforcement of such policies at runtime. In this paper, we use a security approach combining formal methods and aspect-oriented programming for specifying and enforcing delegation policies. In our approach, delegation models and their characteristics are specified formally using TemporalZ, which is a combination of Z notation and temporal logic. Then, we verify the formal specification to ensure consistency using theorem proving. Finally, we generate automatically a set of aspects in the aspect-oriented language ALPHA from the TemporalZ specifications. These aspects enforce the specified delegation policies at runtime. |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik > Softwaretechnik 20 Fachbereich Informatik |
| Hinterlegungsdatum: | 14 Sep 2009 07:15 |
| Letzte Änderung: | 05 Mär 2013 09:19 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum