Title of article
Specification and Refinement of Access Control
Author/Authors
Méry, Dominique Nancy University LORIA, France , Merz, Stephan INRIA Nancy LORIA, France
From page
1073
To page
1093
Abstract
Abstract: We consider the extension of fair event system specifications by concepts of access control (prohibitions, user rights, and obligations). We give proof rules for veri- fying that an access control policy is correctly implemented in a system, and consider preservation of access control by refinement of event systems. Prohibitions and obliga- tions are expressed as properties of traces and are preserved by standard refinement notions of event systems. Preservation of user rights is not guaranteed by construction; we propose to combine implementation-level user rights and obligations to implement high-level user rights.
Keywords
access control , event systems , refinement
Journal title
International Journal of Universal Computer Sciences
Journal title
International Journal of Universal Computer Sciences
Record number
2574609
Link To Document