Sciweavers

ENTCS
2007

On the Decidability of the Safety Problem for Access Control Policies

13 years 11 months ago
On the Decidability of the Safety Problem for Access Control Policies
An access control system regulates the rights of users to gain access to resources in accordance with a specified policy. The rules in this policy may interact in a way that is not obvious via human inspection; there is, therefore, a need for automated verification techniques that can check whether a policy does indeed implement some desired security requirement. Thirty years ago, a formalisation of access control presented a model and a safety specification for which satisfaction is undecidable. Subsequent research, aimed at finding restricted versions that obtain the decidability of this problem, yielded models without satisfactory expressive power for practical systems. Instead of restricting the model, we reexamine the safety specification. We develop a new logic that can express a wide variety of safety properties over access control systems, and show that model checking is decidable for a useful fragment of this logic.
E. Kleiner, T. Newcomb
Added 13 Dec 2010
Updated 13 Dec 2010
Type Journal
Year 2007
Where ENTCS
Authors E. Kleiner, T. Newcomb
Comments (0)