Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

A Correct-by-Construction Model for Attribute-Based Access Control

  • Conference paper
  • First Online:
Model and Data Engineering (MEDI 2018)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 11163))

Included in the following conference series:

  • 1026 Accesses

Abstract

In this paper, a formal specification approach of the Attribute-Based Access Control (ABAC) is proposed using the Event-B method. We apply an a-priori formal verification to build a correct model in a stepwise manner. Correctness of the specification model is insured during the construction steps. The model is composed of abstraction levels that are generated through refinement operations. A set of ABAC properties is defined in each level of refinement starting from the highest abstract level to the most concrete one. These properties are preserved by proofs with the behavior specification.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Osborn, S., Sandhu, R., Munawer, Q.: Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Trans. Inf. Syst. Secur. (TISSEC) 3(2), 85–106 (2000)

    Article  Google Scholar 

  2. Yong, J., Bertino, E., Roberts, M.T.D.: Extended RBAC with role attributes. In: PACIS 2006 Proceedings, p. 8 (2006)

    Google Scholar 

  3. Mammass, M., Ghadi, F.: Access control models: State of the art and comparative study. In: 2014 Second World Conference on Complex Systems (WCCS), pp. 431–435. IEEE (2014)

    Google Scholar 

  4. Hu, V.C., Kuhn, D.R., Ferraiolo, D.F.: Attribute-based access control. Computer 48(2), 85–88 (2015)

    Article  Google Scholar 

  5. Hu, V.C., Kuhn, R., Yaga, D.: Verification and test methods for access control policies/models. NIST Spec. Publ. 800, 192 (2017)

    Google Scholar 

  6. Heljanko, K., Junttila, T., Keinänen, M., Lange, M., Latvala, T.: Bounded model checking for weak alternating Büchi automata. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 95–108. Springer, Heidelberg (2006). https://doi.org/10.1007/11817963_12

    Chapter  Google Scholar 

  7. Anderson, A., et al.: eXtensible Access Control Markup Language (XACML) version 1.0. OASIS (2003)

    Google Scholar 

  8. Abrial, J.R., Butler, M., Hallerstede, S., Hoang, T.S., Mehta, F., Voisin, L.: Rodin: an open toolset for modelling and reasoning in Event-B. Int. J. Softw. Tools Technol. Transf. 12(6), 447–466 (2010)

    Article  Google Scholar 

  9. Romanovsky, A., Thomas, M. (eds.): Industrial Deployment of System Engineering Methods. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-33170-1

    Book  Google Scholar 

  10. Voas, J., Schaffer, K.: Whatever happened to formal methods for security? Computer 49(8), 70 (2016)

    Article  Google Scholar 

  11. Chong, S., et al.: Report on the NSF workshop on formal methods for security. Technical report, USA (2016)

    Google Scholar 

  12. Huynh, N., Frappier, M., Mammar, A., Laleau, R., Desharnais, J.: A formal validation of the RBAC ANSI 2012 standard using B. Sci. Comput. Program. 131, 76–93 (2016)

    Article  Google Scholar 

  13. Idani, A., Ledru, Y.: B for modeling secure information systems. In: Butler, M., Conchon, S., Zaïdi, F. (eds.) ICFEM 2015. LNCS, vol. 9407, pp. 312–318. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-25423-4_20

    Chapter  MATH  Google Scholar 

  14. Farah, Z., Ait-Ameur, Y., Ouederni, M., Tari, K.: A correct-by-construction model for asynchronously communicating systems. Int. J. Softw. Tools Technol. Transf. 19(4), 465–485 (2017)

    Article  Google Scholar 

  15. Benyagoub, S., Ouederni, M., Aït-Ameur, Y., Mashkoor, A.: Incremental construction of realizable choreographies. In: Dutle, A., Muñoz, C., Narkawicz, A. (eds.) NFM 2018. LNCS, vol. 10811, pp. 1–19. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-77935-5_1

    Chapter  Google Scholar 

  16. Hu, C.T.: Attribute based access control (ABAC) definition and considerations. Technical report (2014)

    Google Scholar 

  17. Abrial, J.R.: Modeling in Event-B: System and Software Engineering. Cambridge University Press, Cambridge (2010)

    Book  Google Scholar 

  18. Leuschel, M., Butler, M.: ProB: a model checker for B. In: Araki, K., Gnesi, S., Mandrioli, D. (eds.) FME 2003. LNCS, vol. 2805, pp. 855–874. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45236-2_46

    Chapter  Google Scholar 

  19. Wang, L., Wijesekera, D., Jajodia, S.: A logic-based framework for attribute based access control. In: Proceedings of the 2004 ACM Workshop on Formal Methods in Security Engineering, pp. 45–55. ACM (2004)

    Google Scholar 

  20. Zhang, N., Ryan, M., Guelev, D.P.: Evaluating access control policies through model checking. In: Zhou, J., Lopez, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 446–460. Springer, Heidelberg (2005). https://doi.org/10.1007/11556992_32

    Chapter  Google Scholar 

  21. Hughes, G., Bultan, T.: Automated verification of access control policies using a sat solver. Int. J. Softw. Tools Technol. Transf. 10(6), 503–520 (2008)

    Article  Google Scholar 

  22. Martin, E., Hwang, J., Xie, T., Hu, V.: Assessing quality of policy properties in verification of access control policies. In: Computer Security Applications Conference, ACSAC 2008. Annual, pp. 163–172. IEEE (2008)

    Google Scholar 

  23. Hoang, T.S., Basin, D., Abrial, J.R.: Specifying access control in event-b. Technical report 624 (2009)

    Google Scholar 

  24. Shu, C., Yang, E.Y., Arenas, A.E.: Detecting conflicts in ABAC policies with rule-reduction and binary-search techniques. In: IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009, pp. 182–185. IEEE (2009)

    Google Scholar 

  25. Hwang, J., Xie, T., Hu, V., Altunay, M.: ACPT: a tool for modeling and verifying access control policies. In: 2010 IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), pp. 40–43. IEEE (2010)

    Google Scholar 

  26. Jayaraman, K., Tripunitara, M., Ganesh, V., Rinard, M., Chapin, S.: Mohawk: abstraction-refinement and bound-estimation for verifying access control policies. ACM Trans. Inf. Syst. Secur. (TISSEC) 15(4), 18 (2013)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LIMED Laboratory, Faculty of Exact Sciences, University of Bejaia, Béjaïa, Algeria

    Hania Gadouche, Zoubeyr Farah & Abdelkamel Tari

Authors
  1. Hania Gadouche
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zoubeyr Farah
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Abdelkamel Tari
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hania Gadouche .

Editor information

Editors and Affiliations

  1. Cadi Ayyad University, Marrakesh, Morocco

    El Hassan Abdelwahed

  2. LIAS/ISAE-ENSMA, Futuroscope Chasseneuil Cedex, France

    Ladjel Bellatreche

  3. University of Bologna, Cesena, Italy

    Mattéo Golfarelli

  4. University of Lorraine, Vandœuvre-lès-Nancy, France

    Dominique Méry

  5. University of Houston, Houston, TX, USA

    Carlos Ordonez

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Gadouche, H., Farah, Z., Tari, A. (2018). A Correct-by-Construction Model for Attribute-Based Access Control. In: Abdelwahed, E., Bellatreche, L., Golfarelli, M., Méry, D., Ordonez, C. (eds) Model and Data Engineering. MEDI 2018. Lecture Notes in Computer Science(), vol 11163. Springer, Cham. https://doi.org/10.1007/978-3-030-00856-7_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-00856-7_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-00855-0

  • Online ISBN: 978-3-030-00856-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation