This thesis advances the modelling and verification of access control policies by using automated knowledge-based symbolic model checking techniques. The key contributions of this thesis are threefold: firstly, a modelling language that expresses dynamic access control policies with compound actions that update multiple variables; secondly, a knowledge-based verification algorithm that verifies properties over an access control policy that has compound actions; and finally, an automated tool, called X-Policy, which implements the algorithm. This research enables us to model and verify access control policies for web-based collaborative systems. We model and analyse a number of conference management systems and their security properties. We ...
The last years have seen the definition of many languages, models and standards tailored to specify ...
Abstract. We develop a modeling technique based on interpreted systems in or-der to verify temporal-...
peer reviewedThe issue of representing access control requirements continues to demand significant a...
Access control is one of the most fundamental security mechanisms used in the design and management ...
Access control represents an important part of security in software systems, since access control p...
The evolution of classical information systems has introduced new technologies and services forinfor...
International audienceIn the security domain, the access control consists in specifying who can acce...
AbstractAn access control system regulates the rights of users to gain access to resources in accord...
Autonomic communication and computing is the new paradigm for dynamic service integration over a net...
Access control is the traditional center of gravity of computer security [1]. People specify access ...
Access control system is an important component to protect patients’ information from abuse in a hea...
Abstract: Access control is one of the building blocks of network security and is often managed by n...
AbstractConfidentiality of information is an important aspect that developers should take into consi...
Access control is a mechanism which defmes and controls the privileges of users in a system. Nowaday...
Abstract—As the number and sophistication of on-line ap-plications increase, there is a growing conc...
The last years have seen the definition of many languages, models and standards tailored to specify ...
Abstract. We develop a modeling technique based on interpreted systems in or-der to verify temporal-...
peer reviewedThe issue of representing access control requirements continues to demand significant a...
Access control is one of the most fundamental security mechanisms used in the design and management ...
Access control represents an important part of security in software systems, since access control p...
The evolution of classical information systems has introduced new technologies and services forinfor...
International audienceIn the security domain, the access control consists in specifying who can acce...
AbstractAn access control system regulates the rights of users to gain access to resources in accord...
Autonomic communication and computing is the new paradigm for dynamic service integration over a net...
Access control is the traditional center of gravity of computer security [1]. People specify access ...
Access control system is an important component to protect patients’ information from abuse in a hea...
Abstract: Access control is one of the building blocks of network security and is often managed by n...
AbstractConfidentiality of information is an important aspect that developers should take into consi...
Access control is a mechanism which defmes and controls the privileges of users in a system. Nowaday...
Abstract—As the number and sophistication of on-line ap-plications increase, there is a growing conc...
The last years have seen the definition of many languages, models and standards tailored to specify ...
Abstract. We develop a modeling technique based on interpreted systems in or-der to verify temporal-...
peer reviewedThe issue of representing access control requirements continues to demand significant a...