Skip to Main content Skip to Navigation
Journal articles

Specification, analysis and transformation of security policies via rewriting techniques

Tony Bourdier 1 
1 PAREO - Formal islands: foundations and applications
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : Formal methods for the specification and analysis of security policies have drawn many attention recently. It is now well known that security policies can be represented using rewriting systems. These systems constitute an interesting formalism to prove properties while provides an operational way to evaluate authorization requests. In this paper, we propose to split the expression of security policies in two distinct elements: a security model and a configuration. The security model (expressed as an equational problem) describes how authorization requests must be evaluated depending on security information. The configuration (expressed as a rewriting system) assigns values to security information. This separation eases the formal analysis of security policies, and makes it possible to automatically convert a given policy to a new security model.
Complete list of metadata
Contributor : Tony Bourdier Connect in order to contact the contributor
Submitted on : Thursday, October 14, 2010 - 1:05:35 PM
Last modification on : Saturday, June 25, 2022 - 7:40:31 PM


  • HAL Id : inria-00525761, version 1



Tony Bourdier. Specification, analysis and transformation of security policies via rewriting techniques. Journal of Information Assurance and Security, Dynamic Publishers Inc., USA, 2011, 6 (5), pp.357-368. ⟨inria-00525761⟩



Record views