Modelling and Verification of Dynamic Role-Based Access Control

Inna Vistbakka, Elena Troubitsyna

Tutkimustuotos: Artikkeli kirjassa/raportissa/konferenssijulkaisussaKonferenssiartikkeliTieteellinenvertaisarvioitu

4 Sitaatiot (Scopus)

Abstrakti

Controlling access to resources is essential for ensuring correctness of system functioning. Role-Based Access Control (RBAC) is a popular authorisation model that regulates the user’s rights to manage system resources based on the user’s role. In this paper, we extend the traditional static approach to defining RBAC and propose as well as formalise a dynamic RBAC model. It allows a designer to explicitly define the dependencies between the system states and permissions to access and modify system resources. To facilitate a systematic description and verification of the dynamic access rights, we propose a contract-based approach and then we demonstrate how to model and verify dynamic RBAC in Event-B. The approach is illustrated by a case study -- a reporting management system.

AlkuperäiskieliEi tiedossa
OtsikkoVerification and Evaluation of Computer and Communication Systems - 12th International Conference, VECoS 2018, Grenoble, France, September 26-28, 2018, Proceedings
ToimittajatMohamed Faouzi Atig, Saddek Bensalem, Simon Bliudze, Bruno Monsuez
KustantajaSpringer
Sivut48–63
ISBN (elektroninen)978-3-030-00359-3
ISBN (painettu)978-3-030-00358-6
DOI - pysyväislinkit
TilaJulkaistu - 2018
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisuussa
TapahtumaInternational Conference on Verification and Evaluation of Computer and Communication Systems, VECoS - 12th International Conference on Verification and Evaluation of Computer and Communication Systems, VECoS 2018
Kesto: 26 syyskuuta 201828 syyskuuta 2018

Konferenssi

KonferenssiInternational Conference on Verification and Evaluation of Computer and Communication Systems, VECoS
Ajanjakso26/09/1828/09/18

Viittausmuodot