Title :
Rigorous Analysis of Temporal Access Control Properties in Mobile Systems
Author :
Al-Lail, Mustafa ; Abdunabi, Ramadan ; France, Robert B. ; Ray, I.
Author_Institution :
Comput. Sci. Dept., Colorado State Univ., Fort Collins, CO, USA
Abstract :
Access control models must be analyzed to uncover flaws that can be exploited to gain unauthorized access. The UML has been used to describe access control models and there are a number of proposed approaches for analyzing UML access control models. Practical support for checking UML access control models against temporal properties is still lacking. In this paper, we describe a lightweight approach to analyzing a UML model of security policies against linear temporal properties. The access control policies are based on a generalized spatio-temporal role-based access control (GSTRBAC) model. We use a demonstration case study to show how the approach can be used to uncover access control problems.
Keywords :
Unified Modeling Language; authorisation; mobile computing; GSTRBAC model; UML access control models; generalized spatio-temporal role-based access control model; linear temporal property; mobile systems; temporal access control property; Access control; Analytical models; Context; Context modeling; Mobile communication; Object oriented modeling; Unified modeling language; Access Control; Snapshot; Temporal; Validation;
Conference_Titel :
Engineering of Complex Computer Systems (ICECCS), 2013 18th International Conference on
Conference_Location :
Singapore
Print_ISBN :
978-0-7695-5007-7
DOI :
10.1109/ICECCS.2013.43
