Title :
Analyzing RBAC Security Policy of Implementation Using AST
Author :
Pham, Tuan-Hung ; Truong, Ninh-Thuan ; Nguyen, Viet-Ha
Author_Institution :
Coll. of Technol., Vietnam Nat. Univ., Hanoi, Vietnam
Abstract :
Security policy is a critical property in software applications which require high levels of safety and security. It has to be clearly specified in requirement documents and its implementation must be conformed to the specification. In this paper, we propose an approach to check if the implementation is in accordance with its security policy specification. We use the abstract syntax tree (AST), another manner of expressing the program, to analyze the source code and specify user permission policy in software systems by role-based access control (RBAC).
Keywords :
authorisation; conformance testing; formal specification; source coding; AST; RBAC security policy; abstract syntax tree; role-based access control; software applications; source code; user permission policy; Access control; Databases; Educational institutions; Humans; Knowledge engineering; National security; Permission; Software safety; Software systems; Systems engineering and theory; AST; RBAC policy; conformance checking;
Conference_Titel :
Knowledge and Systems Engineering, 2009. KSE '09. International Conference on
Conference_Location :
Hanoi
Print_ISBN :
978-1-4244-5086-2
Electronic_ISBN :
978-0-7695-3846-4
DOI :
10.1109/KSE.2009.23
