An Incremental B-Model for RBAC-Controlled Electronic Marking System
The incremental development of software through the addition of new features and the insertion of new access rules potentially renders the access control models inconsistent and creates security flaws. This paper proposes modeling Role Based Access Control (RBAC) models of these software using the B language and re-evaluating the consistency of the models following model changes. It shows the mechanism of formalizing RBAC policies of an Electronic Marking System (EMS) using B specifications and illustrates the verification of the consistency of the RBAC specification, using model checking and proof obligations. In addition, it shows how to address inconsistencies that result from incremental specification of system' architectures.
Year of publication: |
2016
|
---|---|
Authors: | Aziz, Benjamin ; Al-hadhrami, Nasser ; Othmane, Lotfi ben |
Published in: |
International Journal of Secure Software Engineering (IJSSE). - IGI Global, ISSN 1947-3044, ZDB-ID 2703749-6. - Vol. 7.2016, 2 (01.04.), p. 37-64
|
Publisher: |
IGI Global |
Subject: | Incremental Software Development | Model Checking | Proof Obligations | Role-Based Access Control Constraints |
Saved in:
Online Resource
Saved in favorites
Similar items by subject
-
On diagnostic checking of vector ARMA-GARCH models with Gaussian and Student-t innovations
Wang, Yongning, (2013)
-
Towards Inference and Learning in Dynamic Bayesian Networks using Generalized Evidence
Langmead, Christopher J., (2008)
-
Client and User Involvement Through BIM-Related Technologies
Ventura, Silvia Mastrolembo, (2017)
- More ...