• DocumentCode
    3382630
  • Title

    Nomad: a security model with non atomic actions and deadlines

  • Author

    Cuppens, Frédéric ; Cuppens-Boulahia, Nora ; Sans, Thierry

  • Author_Institution
    GET/ENST-Bretagne, Cesson Sevigne, France
  • fYear
    2005
  • fDate
    20-22 June 2005
  • Firstpage
    186
  • Lastpage
    196
  • Abstract
    Modelling security policies requires means to specify permissions and prohibitions. However, this is generally not sufficient to express security properties such as availability and obligations must be also considered. By contrast to permissions and prohibitions, obligations are often associated with deadlines to specify bounded time availability requirements. In this case, a violation only occurs if the obliged action is not performed before the deadline. On the other hand, when specifying high level security policies, it is convenient to consider abstract non atomic actions. Since most access control mechanisms only deal with atomic actions such as read or write, these non atomic actions must be decomposed into more basic ones. In this paper, we define a formal security model called Nomad to express privileges on non atomic actions. This model combines deontic and temporal logics. In Nomad, we model conditional privileges and obligations with deadlines. We also formally analyze how privileges on non atomic actions can be decomposed into more basic privileges on elementary actions.
  • Keywords
    security of data; temporal logic; Nomad; deontic logic; formal security model; nonatomic actions; nonatomic deadlines; security policies; temporal logic; Access control; Authorization; Availability; Concrete; Data security; Database systems; History; Logic; Operating systems; Permission;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Foundations, 2005. CSFW-18 2005. 18th IEEE Workshop
  • ISSN
    1063-6900
  • Print_ISBN
    0-7695-2340-4
  • Type

    conf

  • DOI
    10.1109/CSFW.2005.20
  • Filename
    1443206