Event Systems and Access Control

Dominique Méry 1 Stephan Merz 1
1 MOSEL - Proof-oriented development of computer-based systems
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : We consider the interpretations of notions of access control (permissions, interdictions, obligations, and user rights) as run-time properties of information systems specified as event systems with fairness. We give proof rules for verifying that an access control policy is enforced in a system, and consider preservation of access control by refinement of event systems. In particular, refinement of user rights is non-trivial; we propose to combine low-level user rights and system obligations to implement high-level user rights.
Complete list of metadatas

Cited literature [21 references]  Display  Hide  Download

https://hal.inria.fr/inria-00001262
Contributor : Stephan Merz <>
Submitted on : Friday, April 21, 2006 - 2:17:48 PM
Last modification on : Thursday, September 19, 2019 - 5:00:11 PM
Long-term archiving on: Saturday, April 3, 2010 - 11:14:35 PM

Files

Identifiers

Collections

Citation

Dominique Méry, Stephan Merz. Event Systems and Access Control. Sixth International IFIP WG 1.7 Workshop on Issues in the Theory of Security, Mar 2006, Vienna/Austria, pp.40-54. ⟨inria-00001262⟩

Share

Metrics

Record views

246

Files downloads

270