Title :
Verifying enterprise´s mandatory access control policies with coloured Petri nets
Author :
Juszczyszyn, Krzysztof
Author_Institution :
Wroclaw Univ. of Technol., Poland
Abstract :
The paper addresses important problems met when implementing mandatory access control policies in complex distributed systems (e.g. enterprise networks). The role of formal security models is also presented and the properties of the model suitable for systems under consideration are defined. Then a formal security model, Secure Coloured Petri - using coloured Petri net´s semantics - is proposed. It is shown how the enterprise security management system may take advantage of the proposed model´s properties. Application of coloured Petri nets analysis and construction methods to information flow security analysis is also proposed and discussed.
Keywords :
Petri nets; authorisation; client-server systems; data flow analysis; formal verification; security of data; Secure Coloured Petri Net; coloured Petri nets; complex distributed systems; enterprise networks; enterprise security management; formal security model; information flow; mandatory access control; security analysis; Access control; Computer security; Data structures; Information analysis; Information security; Information systems; Lattices; Mathematical model; Paper technology; Petri nets;
Conference_Titel :
Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003. WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on
Print_ISBN :
0-7695-1963-6
DOI :
10.1109/ENABL.2003.1231405
