Title :
Security Analysis of Temporal-RBAC Using Timed Automata
Author :
Mondal, Samrat ; Sural, Shamik
Author_Institution :
Sch. of Inf. Technol., Indian Inst. of Technol., Kharagpur
Abstract :
Role Based Access Control (RBAC) is arguably the most common access control mechanism today due to its applicability at various levels of authorization in a system. Time varying nature of access control in RBAC administered systems is often implemented through Temporal-RBAC - an extension of RBAC in the temporal domain. In this paper, we propose an initial approach towards verification of security properties of a Temporal-RBAC system. Each role is mapped to a timed automaton. A controller automaton is used to activate and deactivate various roles. Security properties are specified using Computation Tree Logic (CTL) and are verified with the help of a model checking tool named Uppaal. We have specifically considered reachability, safety and liveness properties to show the usefulness of our approach.
Keywords :
authorisation; automata theory; formal verification; temporal logic; TRBAC specification; Uppaal model checking tool; computation tree logic; reachability property; role based access control; safety property; security property verification; system authorization; temporal-RBAC security analysis; timed automata; Access control; Automata; Clocks; Formal verification; Information analysis; Information security; Information technology; Logic; Performance analysis; Safety; CTL; Model Checking; Security Analysis; Temporal-RBAC; Timed Automata;
Conference_Titel :
Information Assurance and Security, 2008. ISIAS '08. Fourth International Conference on
Conference_Location :
Naples
Print_ISBN :
978-0-7695-3324-7
DOI :
10.1109/IAS.2008.10
