Security automata integrated XACML and security validation

Author

Deng, Juan ; Brooks, Ricahrd ; Taiber, Joachim

Author_Institution

Holcombe Dept. of Electr. & Comput. Eng., Clemson Univ., Clemson, SC, USA

fYear

2010

fDate

18-21 March 2010

Firstpage

338

Lastpage

343

Abstract

Extensible Access Control Markup Language is an OASIS ratified standard that defines and enforces control policies. XACML bases access control on static user or resource attributes, which fails for a large class of security policies. Security automata specify security policies that base decisions on changing user or resource states. This paper extends XACML to support security automata. We demonstrate the extended XACML on a location-aware application for connected vehicles. We analyze the security of the extended XACML system. We secure the system with TLS and verify the system security using the Failure Divergence Refinement (FDR) and Casper tools.

Keywords

XML; automata theory; formal verification; security of data; OASIS ratified standard; XACML system; casper tool; extensible access control markup language; failure divergence refinement tool; location-aware application; security automata; security validation; Access control; Authorization; Automata; Computer security; Data security; Information security; Markup languages; Testing; Vehicles; XML;

fLanguage

English

Publisher

ieee

Conference_Titel

IEEE SoutheastCon 2010 (SoutheastCon), Proceedings of the

Conference_Location

Concord, NC

Print_ISBN

978-1-4244-5854-7

Type

conf

DOI

10.1109/SECON.2010.5453856

Filename

5453856