Pierre Konopacki

A Design by Contract Approach to Verify Access Control Policies

In the security domain, access control (AC) consists in specifying who can access to what and how, with the four well-known concepts of permission, prohibition, obligation and separation of duty. In this paper, we focus on role-based access control (RBAC) models and more precisely on the verification of formal RBAC models. We propose a solution for this verification issue, based on the use of the Tamago platform. In Tamago, functional contracts can be defined with pre/post conditions and deterministic automata. The Tamago platform provides tools for static verifications of these contracts, generation of test scenarios from the abstract contracts and monitoring facilities for dynamic analyses. We have extended the platform to take into account AC aspects. AC rules, expressed in a subset of EB3SEC, a process algebra-based language, are translated into pre and post conditions of new security contracts. We have also adapted the test case generator to derive suitable test scenarios and the monitoring framework by adding a new security component.

Expressing Access Control Policies with an Event-Based Approach

Information systems are widely used and help in the management of huge quantities of data. Generally, these data are valuable or sensitive, their access must be restricted to granted users. Security is a mandatory requirement for information systems. Several methods already exist to express access control policies, but few of them support all kinds of constraints that can be defined in access control policies. In this paper, we present EB 3 SEC, a language used to formally model and interpret access control policies in information systems. Permissions, prohibitions and static separation of duty are specified by a class diagram. As EB 3 SEC includes a process algebra, dynamic access control constraints such as obligations and dynamic separation of duty can be easily expressed. Finally, we present the architecture of the tool used to interpret EB 3 SEC models.

Specification and verification of access control policies in EB 3 SEC: work in progress

Information systems are widely used and help in the management of huge quantities of data. Generally, these data are valuable or sensitive, their access must be restricted to granted users. Security is a mandatory requirement for information systems. Several methods already exist to express access control policies, but few of them, like eb3sec, support all kinds of constraints that can be defined in access control policies. In this paper, we present how to use eb3sec to express two kinds of access control constraints : permissions and prohibitions. Once, constraints are expressed, we provide algorithms to verify that the model of the policy do not lead to deadlock.