Automated Verification of Dynamic Access Control Policies
Книга доступна в форматах: fb2 , pdf , epub
This manuscript advances the modelling and verification of access control policies by using automated knowledge-based symbolic model checking techniques. The key contributions of this manuscript are threefold: firstly, a modelling language that expresses dynamic access control policies with compound actions that update multiple variables; secondly, a knowledge-based verification algorithm that verifies properties over an access control policy that has compound actions; and finally, an automated tool, called X-Policy, which implements the algorithm. This research enables us to model and verify access control policies for web-based collaborative systems. It models and analyses a number of conference management systems and their security properties. It proposes the appropriate modifications to rectify the policies when possible. Ultimately, this research will allow us to model and verify more systems and help avoid the current situation.