Skip to main content
SpringerLink
Log in

ASASP: Automated Symbolic Analysis of Security Policies

  • Conference paper
Book cover Automated Deduction – CADE-23 (CADE 2011)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 6803))

Included in the following conference series:

Abstract

We describe asasp, a symbolic reachability procedure for the analysis of administrative access control policies. The tool represents access policies and their administrative actions as formulae of the Bernays-Shönfinkel-Ramsey class and then uses a symbolic reachability procedure to solve security analysis problems. Checks for fix-point—reduced to satisfiability problems—are mechanized by Satisfiability Modulo Theories solving and Automated Theorem Proving. asasp has been successfully applied to the analysis of benchmark problems arising in (extensions of) the Role-Based Access Control model. Our tool shows better scalability than a state-of-the-art tool on a significant set of instances of these problems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Alberti, F., Armando, A., Ranise, S.: Efficient Symbolic Automated Analysis of Administrative Role Based Access Control Policies. In: ASIACCS (2011)

    Google Scholar 

  2. Ghilardi, S., Ranise, S.: Backward Reachability of Array-based Systems by SMT solving: Termination and Invariant Synthesis. In: LMCS, vol. 6(4) (2010)

    Google Scholar 

  3. Ghilardi, S., Ranise, S.: MCMT: A Model Checker Modulo Theories. In: Giesl, J., Hähnle, R. (eds.) IJCAR 2010. LNCS, vol. 6173, pp. 22–29. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  4. Gofman, M.I., Luo, R., Yang, P.: User-Role Reachability Analysis of Evolving Administrative Role Based Access Control. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 455–471. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  5. iProver, http://www.cs.man.ac.uk/~korovink/iprover

  6. Ramsey, F.P.: On a problem in formal logic. Proc. of the London Mathematical Society, 264–286 (1930)

    Google Scholar 

  7. Sasturkar, A., Yang, P., Stoller, S.D., Ramakrishnan, C.R.: Policy analysis for administrative role based access control. In: 19th CSF Workshop. IEEE, New York (2006)

    Google Scholar 

  8. SMT- LIB: http://www.smt-lib.org

  9. SPASS, http://www.spass-prover.org

  10. Stoller, S.D., Yang, P., Ramakrishnan, C.R., Gofman, M.I.: Efficient policy analysis for administrative role based access control. In: ACM CCS (2007)

    Google Scholar 

  11. TPTP, http://www.cs.miami.edu/~tptp

  12. Z3, http://research.microsoft.com/projects/z3/

Download references

Author information

Authors and Affiliations

  1. Università della Svizzera Italiana, Lugano (Svizzera), Italia

    Francesco Alberti

  2. Università degli Studi di Genova, Italia

    Alessandro Armando

  3. FBK-Irst, Trento, Italia

    Alessandro Armando & Silvio Ranise

Authors
  1. Francesco Alberti
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alessandro Armando
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Silvio Ranise
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research, One Microsoft Way, 98052-6399, Redmond, WA, USA

    Nikolaj Bjørner

  2. Max-Planck-Institut für Informatik, Campus E 1.4, 66123, Saarbrücken, Germany

    Viorica Sofronie-Stokkermans

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Alberti, F., Armando, A., Ranise, S. (2011). ASASP: Automated Symbolic Analysis of Security Policies. In: Bjørner, N., Sofronie-Stokkermans, V. (eds) Automated Deduction – CADE-23. CADE 2011. Lecture Notes in Computer Science(), vol 6803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22438-6_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-22438-6_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22437-9

  • Online ISBN: 978-3-642-22438-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation