Home > Research > Publications & Outputs > Verification of Resilience Policies that Assist...

Electronic data

  • ABAC-2017-CM

    Rights statement: © ACM, 2017. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in ABAC '17 Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control http://dx.doi.org/10.1145/3041048.3041049

    Accepted author manuscript, 1 MB, PDF-document

Links

Text available via DOI:

View graph of relations

Verification of Resilience Policies that Assist Attribute Based Access Control

Research output: Contribution in Book/Report/ProceedingsConference contribution

Published
Publication date24/03/2017
Host publicationABAC '17 Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control
Place of PublicationNew York
PublisherACM
Pages43-52
Number of pages10
ISBN (Print)9781450349109
<mark>Original language</mark>English
EventACM Workshop on Attribute Based Access Control - Arizona, United States

Conference

ConferenceACM Workshop on Attribute Based Access Control
Abbreviated titleABAC
CountryUnited States
CityArizona
Period24/03/1724/03/17
Internet address

Conference

ConferenceACM Workshop on Attribute Based Access Control
Abbreviated titleABAC
CountryUnited States
CityArizona
Period24/03/1724/03/17
Internet address

Abstract

Access control offers mechanisms to control and limit the actions or operations that are performed by a user on a set of resources in a system. Many access control models exist that are able to support this basic requirement. One of the properties examined in the context of these models is their ability to successfully restrict access to resources. Nevertheless, considering only restriction of access may not be enough in some environments, as in critical infrastructures. The protection of systems in this type of environment requires a new line of enquiry. It is essential to ensure that appropriate access is always possible, even when users and resources are subjected to challenges of various sorts. Resilience in access control is conceived as the ability of a system not to restrict but rather to ensure access to resources. In order to demonstrate the application of resilience in access control, we formally define an attribute based access control model (ABAC) based on guidelines provided by the National Institute of Standards and Technology (NIST). We examine how ABAC-based resilience policies can be specified in temporal logic and how these can be formally verified. The verification of resilience is done using an automated model checking technique, which eventually may lead to reducing the overall complexity required for the verification of resilience policies and serve as a valuable tool for administrators.

Bibliographic note

© ACM, 2017. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in ABAC '17 Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control http://dx.doi.org/10.1145/3041048.3041049