Ali E. Abdallah

A Formal Model for Parameterized Role-Based Access Control

Role-Based Access Control (RBAC) usually enables a higher level view of authorization. In this model, access permissions are assigned to roles and, in turn, roles are allocated to subjects. The usefulness of the RBAC model is well documented. It includes simplicity, consistency, scalability and ease of manageability. In practice, however, only limited versions of RBAC seem to have been successfully implemented, notably in applications such as databases and operating systems. The problem stems from the fact that most applications require a finer degree of authorization than what core RBAC models are able to provide. In theory, current RBAC models can be adapted to capture fine grained authorizations by dramatically increasing the number of distinct roles in these models. However, this solution comes at an unacceptably high cost of allocating low level privileges which eliminates the major benefits gained from having a high level RBAC model.

Communicating Sequential Processes. The First 25 Years

Semantic Foundations.- Retracing the Semantics of CSP.- Seeing Beyond Divergence.- Refinement and Simulation.- Process Algebra: A Unifying Approach.- Linking Theories of Concurrency.- Hardware Synthesis.- CSP, occam and Transputers.- Models for Data-Flow Sequential Processes.- Implementation of Handshake Components.- Transactions.- A Trace Semantics for Long-Running Transactions.- Practical Application of CSP and FDR to Software Design.- Concurrent Programming.- Communicating Mobile Processes.- Model-Based Design of Concurrent Programs.- Linking Theories.- Of Probabilistic wp and CSP-and Compositionality.- Order, Topology, and Recursion Induction in CSP.- Security.- Verifying Security Protocols: An Application of CSP.- Shedding Light on Haunted Corners of Information Security.- Automated Development and Model Checking.- Operational Semantics for Fun and Profit.- On Model Checking Data-Independent Systems with Arrays with Whole-Array Operations.- Industrial Strength CSP.- Industrial Strength CSP: Opportunities and Challenges in Model-Checking.- Applied Formal Methods - From CSP to Executable Hybrid Specifications.

Formal behavioural synthesis of Handel-C parallel hardware implementations from functional specifications

Enormous improvements in efficiency can be achieved through exploiting parallelism and realizing implementation in hardware. On the other hand, conventional methods for achieving these improvements are traditionally costly, complex and error prone. Two significant advances in the past decade have radically changed these perceptions. Firstly, the FPGA, which gives us the ability to reconfigure hardware through software, dramatically reducing the costs of developing hardware implementations. Secondly, the language Handel-C with primitive explicit parallelism which can compile programs down to an FPGA. In this paper, we build on these recent technological advances and present a systematic approach of behavioural synthesis. Starting with an intuitive high level functional specification of a problem, given without annotation of parallelism, the approach aims at deriving an efficient parallel implementation in Handel-C, which is subsequently compiled into a circuit implemented on reconfigurable hardware. Algebraic laws are systematically used for exposing implicit parallelism and transforming the specification into a collection of interacting components. Formal methods based on data refinement and a small library of higher order functions are then used to derive behavioural description in Handel-C of each component. A small case study illustrates the use of this approach.

Derivation of Parallel Algorithms from Functional Specifications to CSP Processes

A transformational programming approach is proposed as a means for developing a class of parallel algorithms from clear functional specifications to efficient networks of communicating sequential processes (CSP). A foundation for the systematic refinement of functional specifications into CSP processes is established. Techniques for exhibiting implicit parallelism in functional specification are developed. Their use is illustrated by deriving new efficient parallel algorithms to several problems. Derivation and reasoning are conducted in an equational style using the calculus for program synthesis developed by Bird and Meertens.

Threat modeling approaches and tools for securing architectural designs of an e-banking application

Software is the most important line of defense for protecting critical information assets such as in e-banking. The continuous increase in sophistication and in volume of cyber security attacks provides compelling reasons for enhancing the security of software applications that control critical assets. There is a broad acceptance that in order to produce dependable and secure applications, developers need to “build security in” throughout the software development lifecycle (SDL). Threat Modeling is essential for building security in at all the SDL stages and in particular at the design stage. In the last few years, several innovative approaches to threat modeling have emerged and recently some supporting tools have become available. Using the Microsoft SDL tool as an example, this paper elaborates, illustrates and discusses the threat modeling process and its usefulness to the architectural designs of an e-banking application. This paper also seeks for a critical reflection on different approaches and tools, accounting for the complexity and difficulty of the process.

Formal Aspects of Security

Much about our computing systems has changed since reference monitors were first introduced, 30 years ago. Reference monitors haven’t—at least, until recently—but new forms of execution monitoring are now possible, largely due to research done in the formal methods and programming languages communities. This talk will discuss these new approaches: why they are attractive, what can be done, what has been done, and what problems remain.

Functional Process Modelling

In order to develop generic skeleton solutions for general parallel architectures, it is necessary to formulate the design within a concurrency framework such as CSP [284]. Often parallel functional programs [505] show peculiar behaviours which are only understandable in the sole terms of concurrency rather than relying on hidden implementation details.

Formal Modelling of a Usable Identity Management Solution for Virtual Organisations

This paper attempts to accurately model security requirements for computational grid environments with particular focus on authentication. We introduce the Audited Credential Delegation (ACD) architecture as a solution to some of the virtual organisations identity management usability problems. The approach uses two complementary models: one is state based, described in Z notation, and the other is event-based, expressed in the Process Algebra of Hoares Communicating Sequential Processes (CSP). The former will be used to capture the state of the WS and to model back-end operations on it whereas the latter will be used to model behavior, and in particular, front-end interactions and communications. The modelling helps to clearly and precisely understand functional and security requirements and provide a basis for verifying that the system meets its intended requirements.

Synthesis of Massively Pipelined Algorithms for List Manipulation

This paper presents new, efficient, massively pipelined algorithms for several list manipulation operations. Transformational programming is used in the development of these algorithms from clear functional specifications to networks of linearly connected communicating processes in CSP. The derivation of each algorithm is achieved by transforming the specification into an instance of a generic parallel functional form called pipe pattern and then refining this into CSP. The approach is demonstrated by transforming quadratic functional algorithms for sorting, removing duplicates, and calculating the difference between two lists, into pipelined versions running in linear time with a linear number of processors. The refinement from functions to CSP processes is based on a formal treatment given in earlier work by the author. Derivation and reasoning are conducted using Bird-Meertens Formalism.

A formal model for flat role-based access control

Summary form only given. Role-based access control (RBAC) is very useful for providing a high level description of access control. It enables a better understanding of the security problems in an institution because it bridges the gap between their technical aspects and their managerial descriptions. Several models have been devised to describe RBAC. However, the definitions of some of the concepts of RBAC, such as subject, role and permission, were open to many interpretations. Also, the devised models for RBAC, did not detail the analysis of the access operations in RBAC. We formalize each of the basic concepts of RBAC for their definitions to be clear and precise. Based on these definitions, a formal state-based model for flat role based access control (FRBAC) is constructed and described in the specification notation Z. This approach permits the close examination of the states in the system. Consequently, it helps to analyse in depth the access operations of RBAC. The model is also refined by supporting the concepts of active roles and private permissions. In the future, the model can be enhanced by extending it to model the delegation and revocation of roles. Other developments of this model include the support of the separation of duty constraints.