• DocumentCode
    1921645
  • Title

    Formal Analyses of Usage Control Policies

  • Author

    Pretschner, Alexander ; Ruesch, J. ; Schaefer, Christian ; Walter, Thomas

  • Author_Institution
    Fraunhofer IESE, Tech. Univ. Kaiserslautern, Kaiserslautern
  • fYear
    2009
  • fDate
    16-19 March 2009
  • Firstpage
    98
  • Lastpage
    105
  • Abstract
    Usage control is a generalization of access control that also addresses how data is handled after it is released. Usage control requirements are specified in policies. We present tool support for the following analysis problems. Is a policy consistent, i.e., satisfiable? Is an abstractly specified usage control mechanism capable of enforcing a given policy? Can we configure such a mechanism by analyzing respective policies? In the context of propagation, where upon re-distribution of data duties may only be increased and rights decreased, can we check if a policy is only strengthened in this sense? - Our solution uses a model checker as theorem prover and is based on a translation of usage control policies into a linear time logic (LTL) dialect. We provide evidence that even complex policies can be analyzed efficiently.
  • Keywords
    authorisation; formal logic; formal verification; theorem proving; access control; data duties; linear time logic dialect; model checker; theorem prover; usage control policies; Access control; Automatic control; Availability; Data security; Distributed control; Logic; Specification languages; Writing; access control; model checking; obligations; policies; usage control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security, 2009. ARES '09. International Conference on
  • Conference_Location
    Fukuoka
  • Print_ISBN
    978-1-4244-3572-2
  • Electronic_ISBN
    978-0-7695-3564-7
  • Type

    conf

  • DOI
    10.1109/ARES.2009.100
  • Filename
    5066460
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1921645