
Specification and Refinement of Access Control

Dominique Méry (1), Stephan Merz (1)
(1) MOSEL - Proof-oriented development of computer-based systems, INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : We consider the extension of fair event system specifications by concepts of access control (prohibitions, user rights, and obligations). We give proof rules for verifying that an access control policy is correctly implemented in a system, and consider preservation of access control by refinement of event systems. Prohibitions and obligations are expressed as properties of traces and are preserved by standard refinement notions of event systems. Preservation of user rights is not guaranteed by construction; we propose to combine implementation-level user rights and obligations to implement high-level user rights.
Document type :
Journal articles
Contributor : Stephan Merz
Submitted on : Monday, May 21, 2007 - 10:38:10 AM
Last modification on : Friday, February 4, 2022 - 3:16:33 AM

  • HAL Id : inria-00147824, version 1

Dominique Méry, Stephan Merz. Specification and Refinement of Access Control. Journal of Universal Computer Science, Graz University of Technology, Institut für Informationssysteme und Computer Medien, 2007, 13 (8), pp.1073-1093. ⟨inria-00147824⟩