Skip to Main content Skip to Navigation
Conference papers

On the Decidability of the Safety Problem for Access Control Policies

Abstract : An access control system regulates the rights of users to gain access to resources in accordance with a specified policy. The rules in this policy may interact in a way that is not obvious via human inspection; there is, therefore, a need for automated verification techniques that can check whether a policy does indeed implement some desired security requirement. Thirty years ago, a formalisation of access control presented a model and a safety specification for which satisfaction is undecidable. Subsequent research, aimed at finding restricted versions that obtain the decidability of this problem, yielded models without satisfactory expressive power for practical systems. Instead of restricting the model, we reexamine the safety specification. We develop a new logic that can express a wide variety of safety properties over access control systems, and show that model checking is decidable for a useful fragment of this logic.
Document type :
Conference papers
Complete list of metadata

Cited literature [21 references]  Display  Hide  Download
Contributor : Stephan Merz <>
Submitted on : Friday, August 18, 2006 - 7:48:47 PM
Last modification on : Tuesday, September 8, 2020 - 4:58:02 PM
Long-term archiving on: : Monday, April 5, 2010 - 11:10:27 PM


  • HAL Id : inria-00089496, version 1



Eldar Kleiner, Tom Newcomb. On the Decidability of the Safety Problem for Access Control Policies. Automatic Verification of Critical Systems, Sep 2006, Nancy/France, pp.91-103. ⟨inria-00089496⟩



Record views


Files downloads