Comparing the expressive power of access control models

Tripunitara, Mahesh; Li, Ninghui

doi:10.1145/1030083.1030093

Cited by 43 publications

(77 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [7], different access control models are represented in C-Datalog (an object-oriented extension of Datalog) and compared using results from logic programming. In [23], the authors express access control systems as state transitions systems as we do and introduce security-preserving mappings, called reductions, to compare security analysis based on accessibility relations in two different models. In [9,15], the comparison mechanism is based on a notion of simulation.…”

Section: Related Workmentioning

confidence: 99%

Formal Specification and Validation of Security Policies

Bourdier

Cirstea

Jaume

et al. 2012

Foundations and Practice of Security

View full text Add to dashboard Cite

Abstract. We propose a formal framework for the specification and validation of security policies. To model a secured system, the evolution of security information in the system is described by transitions triggered by authorization requests and the policy is given by a set of rules describing the way the corresponding decisions are taken. Policy rules are constrained rewrite rules whose constraints are first-order formulas on finite domains, which provides enhanced expressive power compared to classical security policy specification approaches like the ones using Datalog, for example. Our specifications have an operational semantics based on transition and rewriting systems and are thus executable. This framework also provides a common formalism to define, compare and compose security systems and policies. We define transformations over secured systems in order to perform validation of classical security properties.

show abstract

Section: Related Workmentioning

confidence: 99%

Formal Specification and Validation of Security Policies

Bourdier

Cirstea

Jaume

et al. 2012

Foundations and Practice of Security

View full text Add to dashboard Cite

show abstract

“…These simulation frameworks proved to be too relaxed, allowing almost any reasonable scheme to be shown equivalent to all others. To address this, Tripunitara and Li [25] developed a more restrictive notion of expressive power. Their framework supersedes the more informal notions of simulation developed in prior works by requiring the use of specific types of mappings between systems that guarantee relevant security properties are preserved under simulation; this provides a greater level of precision when ranking access control schemes in terms of their expressiveness.…”

Section: Related Workmentioning

confidence: 99%

“…However, existing work on the formal analysis of access control schemes has focused largely on comparing the relative expressive power of two or more access control schemes (e.g., [1,7,11,17,20,21,23,25]). Although expressive Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.…”

Section: Introductionmentioning

confidence: 99%

The need for application-aware access control evaluation

Garrison

Lee

Hinrichs

2012

Proceedings of the 2012 New Security Paradigms Workshop

View full text Add to dashboard Cite

Access control is an area where one size does not fit all. However, previous work in access control has focused solely on expressiveness as an absolute measure. Thus, we discuss and justify the need for a new type of evaluation framework for access control, one that is application-aware. To this end, we apply previous work in access control evaluation, as well as lessons learned from evaluation frameworks used in other domains. We describe the analysis components required by such a framework, the challenges involved in building it, and our preliminary work in realizing this ambitious goal. We then theorize about other areas within the security domain that display a similar absence of such evaluation tools, and consider ways in which we can adapt our framework to analyze these broader types of security workloads.

show abstract

“…An access control policy is a definition of how a system should provide or deny access which can range from an abstract statement like, "only users on this list should have access," or "only users who have given me service in the past should have access," to programs in policy languages with executable semantics. An access control scheme, as defined by [14], is a state transition system in which access control decisions are specified as changes of state in an appropriate representation such as an access control matrix. A set of access control schemes is an access control model.…”

Section: 1mentioning

confidence: 99%