Title :
Automatically verifying STRAC policy
Author :
Guo Yunchuan ; Yin Lihua ; Li Chao
Author_Institution :
Inst. of Inf. Eng., Beijing, China
fDate :
April 27 2014-May 2 2014
Abstract :
In the IoT (Internet of Things), inconsistent ACP (Access Control Policies) would cause disastrous consequences, for example, fire disasters and failures of cardiac pacemakers, as a result, ACP should be verified before they are applied. Tediousness and error-proneness of manual verifications make automatic and formal verification necessary. In this paper, timed automata is presented to formally model the STRAC (Spatio-Temporal Access Control based on Reputation, one policy for the IoT) policies and CTL (Computation Tree Logic) is adopted to describe the properties that should be satisfied by these policies. Then model checker UPPAAL is proposed to automatically verify whether STRAC policies conform to security properties. Experiment results show that our approach is effective.
Keywords :
Internet of Things; authorisation; automata theory; computability; formal verification; ACP; CTL; Internet of Things; IoT; STRAC; access control policies; automatic verification; computation tree logic; formal verification; model checker UPPAAL; security properties; spatiotemporal access control based on reputation; timed automata; Access control; formal methods; security policy;
Conference_Titel :
Computer Communications Workshops (INFOCOM WKSHPS), 2014 IEEE Conference on
Conference_Location :
Toronto, ON
DOI :
10.1109/INFCOMW.2014.6849195
