Beyond Administration: A Modeling Scheme Supporting the Dynamic Analysis of Role-based Access Control Policies

Marius Schlegel, Peter Amthor

2020

Abstract

Despite defining a de facto standard in model-based security engineering, role-based access control models still suffer from limited analysis capabilities. This is especially true for dynamic security properties in the lineage of HRU safety. As a consequence, despite their widespread use for policy specification and implementation, it is difficult to provide and preserve correctness guarantees for such models. We propose a formal framework, called DRBAC, to resolve this dilemma: while retaining application-oriented model abstractions, our approach allows their dynamics to be configured in terms of state transitions. This enables a security engineer to tailor both a model and its analysis method to certain safety-related analysis goals. We demonstrate this claim based on a practical security policy.


Paper Citation


in Harvard Style

Schlegel M. and Amthor P. (2020). Beyond Administration: A Modeling Scheme Supporting the Dynamic Analysis of Role-based Access Control Policies. In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT, ISBN 978-989-758-446-6, pages 431-442. DOI: 10.5220/0009834304310442


in Bibtex Style

@conference{secrypt20,
author={Marius Schlegel and Peter Amthor},
title={Beyond Administration: A Modeling Scheme Supporting the Dynamic Analysis of Role-based Access Control Policies},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT},
year={2020},
pages={431-442},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009834304310442},
isbn={978-989-758-446-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT
TI - Beyond Administration: A Modeling Scheme Supporting the Dynamic Analysis of Role-based Access Control Policies
SN - 978-989-758-446-6
AU - Schlegel M.
AU - Amthor P.
PY - 2020
SP - 431
EP - 442
DO - 10.5220/0009834304310442