VAC - verifier of administrative role-based access control policies
VAC - verifier of administrative role-based access control policies
In this paper we present Vac, an automatic tool for verifying security properties of administrative Role-based Access Control (RBAC). RBAC has become an increasingly popular access control model, particularly suitable for large organizations, and it is implemented in several software. Automatic security analysis of administrative RBAC systems is recognized as an important problem, as an analysis tool can help designers check whether their policies meet expected security properties. Vac converts administrative RBAC policies to imperative programs that simulate the policies both precisely and abstractly and supports several automatic verification back-ends to analyze the resulting programs. In this paper, we describe the architecture of Vac and overview the analysis techniques that have been implemented in the tool. We also report on experiments with several benchmarks from the literature.
Ferrara, Anna Lisa
6bc9ff9b-aa7d-4124-8de1-73aeda822d7e
Madhusudan, P.
8af89366-038f-4a30-9588-61d3f4477b49
Lam Nguyen, Truc
0a373da7-0868-466d-a3b8-060868037acc
Parlato, Gennaro
c28428a0-d3f3-4551-a4b5-b79e410f4923
July 2014
Ferrara, Anna Lisa
6bc9ff9b-aa7d-4124-8de1-73aeda822d7e
Madhusudan, P.
8af89366-038f-4a30-9588-61d3f4477b49
Lam Nguyen, Truc
0a373da7-0868-466d-a3b8-060868037acc
Parlato, Gennaro
c28428a0-d3f3-4551-a4b5-b79e410f4923
Ferrara, Anna Lisa, Madhusudan, P., Lam Nguyen, Truc and Parlato, Gennaro
(2014)
VAC - verifier of administrative role-based access control policies.
In 26th International Conference on Computer Aided Verification (CAV 2014).
vol. 8559,
8 pp
.
(doi:10.1007/978-3-319-08867-9_12).
Record type:
Conference or Workshop Item
(Paper)
Abstract
In this paper we present Vac, an automatic tool for verifying security properties of administrative Role-based Access Control (RBAC). RBAC has become an increasingly popular access control model, particularly suitable for large organizations, and it is implemented in several software. Automatic security analysis of administrative RBAC systems is recognized as an important problem, as an analysis tool can help designers check whether their policies meet expected security properties. Vac converts administrative RBAC policies to imperative programs that simulate the policies both precisely and abstractly and supports several automatic verification back-ends to analyze the resulting programs. In this paper, we describe the architecture of Vac and overview the analysis techniques that have been implemented in the tool. We also report on experiments with several benchmarks from the literature.
Text
VAC14.pdf
- Accepted Manuscript
More information
e-pub ahead of print date: July 2014
Published date: July 2014
Venue - Dates:
26th International Conference on Computer Aided Verification (CAV 2014), , Wien, Austria, 2014-07-18 - 2014-07-22
Organisations:
Electronic & Software Systems
Identifiers
Local EPrints ID: 365363
URI: http://eprints.soton.ac.uk/id/eprint/365363
PURE UUID: 46d34fb8-63bb-4358-9351-1fcd59b967d6
Catalogue record
Date deposited: 03 Jun 2014 08:46
Last modified: 15 Mar 2024 20:41
Export record
Altmetrics
Contributors
Author:
Anna Lisa Ferrara
Author:
P. Madhusudan
Author:
Truc Lam Nguyen
Author:
Gennaro Parlato
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics