Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving

Alessandro Armando; Silvio Ranise

首页> 外文期刊>Journal of computer security >Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving

【24h】

Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving

机译：通过SMT解决方案对基于管理角色的访问控制策略进行可扩展的自动符号分析

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Administrative Role Based Access Control (ARBAC) is one of the most widespread framework for the management of access-control policies. Several automated analysis techniques have been proposed to help maintaining desirable security properties of ARBAC policies. One of the main limitation of available analysis techniques is that the set of users is bounded. In this paper, we propose a symbolic framework to overcome this limitation. We design an automated analysis technique that can handle both a bounded and an unbounded number of users by adapting recent methods for the symbolic model checking of infinite state systems that use first-order logic and SMT solving techniques. An extensive experimental evaluation confirms the scalability of the proposed technique.

机译：基于管理角色的访问控制（ARBAC）是管理访问控制策略的最广泛的框架之一。已经提出了几种自动分析技术来帮助维持ARBAC策略的理想安全性。可用分析技术的主要限制之一是用户集是有界的。在本文中，我们提出了一个符号框架来克服此限制。我们设计了一种自动分析技术，该技术可以通过适应使用一阶逻辑和SMT解决技术的无限状态系统的符号模型检查的最新方法，来处理无限数量的用户。广泛的实验评估证实了所提出技术的可扩展性。

著录项

来源
《Journal of computer security》 |2012年第4期|309-352|共44页
作者
Alessandro Armando; Silvio Ranise;
展开▼
作者单位

DIST, Universita degli Studi di Genova, Gennva, Italy,Security and Trust Unit, FBK, Trento, Italy;

Security and Trust Unit, FBK, Trento, Italy;

展开▼
收录信息美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
decidability of the unbounded user-role reachability problem; automated analysis; infinite state model checking; automated theorem proving; satisfiability modulo theories;

机译：无限的用户角色可达性问题的可判定性;自动分析;无限状态模型检查;自动定理证明;可满足性模理论;
入库时间 2022-08-18 02:49:02

相似文献

外文文献
中文文献
专利

1. Symbolic reachability analysis for parameterized administrative role-based access control [J] . Scott D. Stoller, Ping Yang, Mikhail I. Gofman, Computers & Security . 2011,第2a3期

机译：符号可达性分析，用于基于参数化的基于角色的管理访问控制
2. Policy analysis for Administrative Role-Based Access Control [J] . Amit Sasturkar, Ping Yang, Scott D. Stoller, Theoretical computer science . 2011,第44期

机译：基于管理角色的访问控制的策略分析
3. Automated Verification Of Access Control Policies Using A Sat Solver [J] . Graham Hughes, Tevfik Bultan International Journal on Software Tools for Technology Transfer . 2008,第6期

机译：使用Sat解算器自动验证访问控制策略
4. Security Analysis of Administrative Role-Based Access Control Policies with Contextual Information [C] . Khai Kim Quoc Dinh, Tuan Due Tran, Anh Truong International conference on future data and security engineering . 2017

机译：具有上下文信息的基于管理角色的访问控制策略的安全性分析
5. Efficient policy analysis for administrative role based access control. [D] . Gofman, Mikhail I. 2008

机译：基于管理角色的访问控制的有效策略分析。
6. A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach [O] . Santiago Figueroa-Lorenzo, Javier Añorga, Saioa Arrizabalaga 2019

机译：Modbus SCADA系统中的基于角色的访问控制模型。集中模型方法
7. Automated Safety Analysis of Administrative Temporal Role-Based Access Control (ATRBAC) Policies using Mohawk+T [O] . Shahen Jonathan 2016

机译：使用Mohawk + T的管理性基于时间的基于角色的访问控制（ATRBAC）策略的自动安全性分析
8. Scalable Authorization in Role-Based Access Control Using Negative Permissions and Remote Authorization [R] . Shah, A. P. 2003

机译：使用否定权限和远程授权的基于角色的访问控制中的可扩展授权

Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving

摘要

著录项

相似文献

相关主题

期刊订阅