Specification, analysis and transformation of security policies via rewriting techniques

Tony Bourdier 1
1 PAREO - Formal islands: foundations and applications
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : Formal methods for the specification and analysis of security policies have drawn many attention recently. It is now well known that security policies can be represented using rewriting systems. These systems constitute an interesting formalism to prove properties while provides an operational way to evaluate authorization requests. In this paper, we propose to split the expression of security policies in two distinct elements: a security model and a configuration. The security model (expressed as an equational problem) describes how authorization requests must be evaluated depending on security information. The configuration (expressed as a rewriting system) assigns values to security information. This separation eases the formal analysis of security policies, and makes it possible to automatically convert a given policy to a new security model.
Type de document :
Article dans une revue
Journal of Information Assurance and Security, Dynamic Publishers Inc., USA, 2011, 6 (5), pp.357-368. 〈http://www.mirlabs.org/jias/secured/Volume6-Issue5/vol6-issue5.html〉
Liste complète des métadonnées

https://hal.inria.fr/inria-00525761
Contributeur : Tony Bourdier <>
Soumis le : jeudi 14 octobre 2010 - 13:05:35
Dernière modification le : jeudi 11 janvier 2018 - 06:22:10

Identifiants

  • HAL Id : inria-00525761, version 1

Collections

Citation

Tony Bourdier. Specification, analysis and transformation of security policies via rewriting techniques. Journal of Information Assurance and Security, Dynamic Publishers Inc., USA, 2011, 6 (5), pp.357-368. 〈http://www.mirlabs.org/jias/secured/Volume6-Issue5/vol6-issue5.html〉. 〈inria-00525761〉

Partager

Métriques

Consultations de la notice

153