Rewrite Based Specification of Access Control Policies | Zendy

Horatiu Cirstea | Zendy; PierreEtienne Moreau | Zendy; Anderson Santana de Oliveira | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Rewrite Based Specification of Access Control Policies

Author(s) -

Horatiu Cirstea,

PierreEtienne Moreau,

Anderson Santana de Oliveira

Publication year - 2009

Publication title -

electronic notes in theoretical computer science

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 0.242

H-Index - 60

ISSN - 1571-0661

DOI - 10.1016/j.entcs.2009.02.071

Subject(s) - access control , computer science , information leakage , mandatory access control , discretionary access control , computer security , state (computer science) , security policy , control (management) , computer access control , state information , role based access control , information security , information protection policy , programming language , artificial intelligence

Data protection within information systems is one of the main concerns in computer systems security and different access control policies can be used to specify the access requests that should be granted or denied. These access control mechanisms should guarantee that information can be accessed only by authorized users and thus prevent all information leakage. We propose a methodology for specifying and implementing access control policies using the rewrite based framework Tom. This approach allows us to check that any reachable state obtained following a granted access in the implementation satisfies the policy specification. We show that when security levels are not totally ordered some information leakage can be detected

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research