• DocumentCode
    507488
  • Title

    Analyzing RBAC Security Policy of Implementation Using AST

  • Author

    Pham, Tuan-Hung ; Truong, Ninh-Thuan ; Nguyen, Viet-Ha

  • Author_Institution
    Coll. of Technol., Vietnam Nat. Univ., Hanoi, Vietnam
  • fYear
    2009
  • fDate
    13-17 Oct. 2009
  • Firstpage
    215
  • Lastpage
    219
  • Abstract
    Security policy is a critical property in software applications which require high levels of safety and security. It has to be clearly specified in requirement documents and its implementation must be conformed to the specification. In this paper, we propose an approach to check if the implementation is in accordance with its security policy specification. We use the abstract syntax tree (AST), another manner of expressing the program, to analyze the source code and specify user permission policy in software systems by role-based access control (RBAC).
  • Keywords
    authorisation; conformance testing; formal specification; source coding; AST; RBAC security policy; abstract syntax tree; role-based access control; software applications; source code; user permission policy; Access control; Databases; Educational institutions; Humans; Knowledge engineering; National security; Permission; Software safety; Software systems; Systems engineering and theory; AST; RBAC policy; conformance checking;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Knowledge and Systems Engineering, 2009. KSE '09. International Conference on
  • Conference_Location
    Hanoi
  • Print_ISBN
    978-1-4244-5086-2
  • Electronic_ISBN
    978-0-7695-3846-4
  • Type

    conf

  • DOI
    10.1109/KSE.2009.23
  • Filename
    5361703
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=507488