DocumentCode :
2065927
Title :
Verification of access control coherence in information system during modifications
Author :
Goncalves, Giles ; Hemery, Fred ; Poniszewska, Aneta
Author_Institution :
Univ. d'Artois, Bethune, France
fYear :
2003
fDate :
9-11 June 2003
Firstpage :
232
Lastpage :
237
Abstract :
The paper deals with the management of access control in an information system. It is suggested that the security of an information system should be a task solved on two principal levels: the system development level and the security administration level. Consequently, the responsibility for creating effective security measures for an information system ought to lie with both the application developer and the global administration. Moreover, sets of security constraints should also be formulated on those two levels. The paper defines requirements and obligations of each level using adapted tools based on the role-based access control (RBAC) model and employing the object-oriented conception method with UML (Unified Modeling Language). It is shown how the process of adding a new application to an information system may be automated and how the administrator can be assisted in detecting incoherences and/or determining new relations between the elements existing in a system, such as roles or permissions.
Keywords :
authorisation; formal verification; information systems; specification languages; Unified Modeling Language; access control coherence; information system security; role-based access control; security administration level; security constraints; system development level; Access control; Collaborative work; Conferences; Information systems; International collaboration;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003. WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on
ISSN :
1080-1383
Print_ISBN :
0-7695-1963-6
Type :
conf
DOI :
10.1109/ENABL.2003.1231413
Filename :
1231413