Event Systems and Access Control - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2006

Event Systems and Access Control

Dominique Méry
Proof-oriented development of computer-based systems
CV
Stephan Merz
Proof-oriented development of computer-based systems

Résumé

We consider the interpretations of notions of access control (permissions, interdictions, obligations, and user rights) as run-time properties of information systems specified as event systems with fairness. We give proof rules for verifying that an access control policy is enforced in a system, and consider preservation of access control by refinement of event systems. In particular, refinement of user rights is non-trivial; we propose to combine low-level user rights and system obligations to implement high-level user rights.

Domaines

Cryptographie et sécurité [cs.CR] Logique en informatique [cs.LO]
Fichier principal
Vignette du fichier
final.pdf (117.29 Ko) Télécharger le fichier

Stephan Merz  : Connectez-vous pour contacter le contributeur

https://inria.hal.science/inria-00001262

Soumis le : vendredi 21 avril 2006-14:17:48

Dernière modification le : vendredi 24 mars 2023-14:52:47

Archivage à long terme le : samedi 3 avril 2010-23:14:35

Télécharger pour visualiser

Dates et versions

inria-00001262 , version 1 (21-04-2006)

Identifiants

Citer

Dominique Méry, Stephan Merz. Event Systems and Access Control. Sixth International IFIP WG 1.7 Workshop on Issues in the Theory of Security, Mar 2006, Vienna/Austria, pp.40-54. ⟨inria-00001262⟩

Exporter

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

CNRS INRIA UNIV-LORRAINE INRIA2 LORIA
119 Consultations
69 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More