Rewrite Based Specification of Access Control Policies

Horatiu Cirstea 1 Pierre-Etienne Moreau 1 Anderson Santana de Oliveira 1
1 PAREO - Formal islands: foundations and applications
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : Data protection within information systems is one of the main concerns in computer systems security and different access control policies can be used to specify the access requests that should be granted or denied. These access control mechanisms should guarantee that information can be accessed only by authorized users and thus prevent all information leakage. We propose a methodology for specifying and implementing access control policies using the rewrite based framework Tom. This approach allows us to check that any reachable state obtained following an access granted in the implementation satisfies the policy specification. We show that when security levels are not totally ordered some information leakage can be detected.
Type de document :
Communication dans un congrès
3rd International Workshop on Security and Rewriting Techniques - SecReT 2008, Jun 2008, Pittsburgh, United States. 234, pp.37-54, 2009, Electronic Notes in Theoretical Computer Science
Liste complète des métadonnées

https://hal.inria.fr/inria-00335091
Contributeur : Anderson Santana de Oliveira <>
Soumis le : mardi 28 octobre 2008 - 14:30:03
Dernière modification le : jeudi 11 janvier 2018 - 06:22:10

Identifiants

  • HAL Id : inria-00335091, version 1

Collections

Citation

Horatiu Cirstea, Pierre-Etienne Moreau, Anderson Santana de Oliveira. Rewrite Based Specification of Access Control Policies. 3rd International Workshop on Security and Rewriting Techniques - SecReT 2008, Jun 2008, Pittsburgh, United States. 234, pp.37-54, 2009, Electronic Notes in Theoretical Computer Science. 〈inria-00335091〉

Partager

Métriques

Consultations de la notice

189