Title :
Specifying and enforcing constraints in dynamic access control policies
Author :
Essaouini, Nada ; Cuppens, Frederic ; Cuppens-Boulahia, Nora ; Abou El Kalam, Anas
Author_Institution :
Telecom Bretagne, France
Abstract :
Constraints in access control models are used to organize access privileges in order to avoid fraudulent situations. Ensuring that the constraints are satisfied during the evolution of the system is an important issue. Thus, there is a need to have a formal reasoning language in order to express the constraints policy and to prove that the constraints are always satisfied. In this work, we propose a formal language based on the deontic logic of actions and situation calculus. The proposed language is easy to use to specify various constraints mentioned in the literature. In addition, we formally specify the condition to prove that the system specification is secure with respect to the access control requirements.
Keywords :
authorisation; constraint handling; formal languages; inference mechanisms; process algebra; access control requirements; access privileges; constraints policy; deontic logic; dynamic access control policies; formal reasoning language; fraudulent situations; situation calculus; system evolution; Authorization; Calculus; Cognition; Databases; Electronic mail; Prototypes;
Conference_Titel :
Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on
Conference_Location :
Toronto, ON
Print_ISBN :
978-1-4799-3502-4
DOI :
10.1109/PST.2014.6890951
