Home > Research > Publications & Outputs > Verification of Resilience Policies that Assist...

Electronic data

View graph of relations

Verification of Resilience Policies that Assist Attribute Based Access Control

Research output: Contribution in Book/Report/ProceedingsConference contribution

Forthcoming
Publication date18/01/2017
Host publicationABAC’17
<mark>Original language</mark>English
EventACM Workshop on Attribute Based Access Control - Arizona, United States

Conference

ConferenceACM Workshop on Attribute Based Access Control
Abbreviated titleABAC
CountryUnited States
CityArizona
Period24/03/1724/03/17
Internet address

Conference

ConferenceACM Workshop on Attribute Based Access Control
Abbreviated titleABAC
CountryUnited States
CityArizona
Period24/03/1724/03/17
Internet address

Abstract

Access control offers mechanisms to control and limit the actions or operations that are performed by a user on a set of resources in a system. Many access control models exist that are able to support this basic requirement. One of the properties examined in the context of these models is their ability to successfully restrict access to resources. Nevertheless, considering only restriction of access may not be enough in some environments, as in critical infrastructures. The protection of systems in this type of environment requires a new line of enquiry. It is essential to ensure that appropriate access is always possible, even when users and resources are subjected to challenges of various sorts. Resilience in access control is conceived as the ability of a system not to restrict but rather to ensure access to resources. In order to demonstrate the application of resilience in access control, we formally define an attribute based access control model (ABAC) based on guidelines provided by the National Institute of Standards and Technology (NIST). We examine how ABAC-based resilience policies can be specified in temporal logic and how these can be formally verified. The verification of resilience is done using an automated model checking technique, which eventually may lead to reducing the overall complexity required for the verification of resilience policies and serve as a valuable tool for administrators.