Integration of Security Policy into System Modeling

  • Nazim Benaïssa
  • Dominique Cansell
  • Dominique Méry
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4355)


We address the proof-based development of (system) models satisfying a security policy. The security policy is expressed in OrBAC, a model in the family of role-based access control formalisms that allows one to state permissions and prohibitions on actions and activities. The main question is to validate the link between the security policy expressed in OrBAC and the resulting system: a first abstract B model is derived from the OrBAC specification of the security policy, and the model is then refined to introduce properties that can be expressed in OrBAC. The refinement guarantees that the resulting B (system) model satisfies the security policy. We present a generic development of a system with respect to a security policy, which can later be instantiated for a given security policy.
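The derivation the abstract describes can be made concrete with a small executable model. The following Python is an added illustration, not the authors' B development (which is not reproduced on this page): an abstract OrBAC policy over organisation, role, activity, view and context, the OrBAC bridging relations (empower, consider, use) that map concrete subjects, actions and objects onto it, and an exhaustive check that a concrete access-control implementation never grants an access the abstract policy does not permit, which is the proof obligation a refinement discharges. The hospital organisation, roles, subjects, records and rules are constructed sample data; treating the policy as closed (no matching permission means deny) and letting a prohibition win over a permission are assumptions of this example, not something the page states.

```python
"""Toy OrBAC policy with a refinement check between the abstract
role/activity/view level and a concrete subject/action/object system.
Added example; all names and rules below are constructed sample data."""

from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Rule:
    """An OrBAC rule: organisation, role, activity, view, context."""
    org: str
    role: str
    activity: str
    view: str
    context: str  # "default" is taken to hold in every situation


# Abstract policy (constructed): permissions and prohibitions.
PERMISSIONS = {
    Rule("hospital", "physician", "consult", "medical_record", "default"),
    Rule("hospital", "physician", "update", "medical_record", "default"),
    Rule("hospital", "nurse", "consult", "medical_record", "urgency"),
}
PROHIBITIONS = {
    Rule("hospital", "nurse", "update", "medical_record", "default"),
}

# OrBAC bridging relations from the concrete to the abstract level:
# empower(org, subject, role), consider(org, action, activity),
# use(org, object, view). Contents are constructed sample data.
EMPOWER = {("hospital", "alice", "physician"), ("hospital", "bob", "nurse")}
CONSIDER = {("hospital", "read", "consult"), ("hospital", "write", "update")}
USE = {("hospital", "rec42", "medical_record"),
       ("hospital", "rec77", "medical_record")}

# Finite concrete universe over which the refinement is checked.
SUBJECTS = {"alice", "bob"}
ACTIONS = {"read", "write"}
OBJECTS = {"rec42", "rec77"}
SITUATIONS = [{"emergency": False}, {"emergency": True}]


def active_contexts(situation):
    """Contexts holding in a situation: 'default' always, 'urgency' when
    the situation flags an emergency (constructed context semantics)."""
    ctx = {"default"}
    if situation.get("emergency"):
        ctx.add("urgency")
    return ctx


def abstract_decision(org, subject, action, obj, situation):
    """Decision derived from the abstract rules through empower/consider/use.
    Assumption: a matching prohibition wins, and the policy is closed."""
    roles = {r for (o, s, r) in EMPOWER if o == org and s == subject}
    activities = {a for (o, act, a) in CONSIDER if o == org and act == action}
    views = {v for (o, ob, v) in USE if o == org and ob == obj}
    contexts = active_contexts(situation)

    def matches(rules):
        return any(Rule(org, r, a, v, c) in rules
                   for r, a, v, c in product(roles, activities, views, contexts))

    if matches(PROHIBITIONS):
        return False
    return matches(PERMISSIONS)


def concrete_acl(subject, action, obj, situation):
    """Hypothetical concrete implementation: a static ACL plus an
    emergency override that lets the nurse read records."""
    acl = {("alice", "read"), ("alice", "write")}
    if situation.get("emergency"):
        acl.add(("bob", "read"))
    return (subject, action) in acl


def leaky_acl(subject, action, obj, situation):
    """Faulty variant: also lets the nurse write during an emergency,
    which the abstract prohibition forbids in the default context."""
    return concrete_acl(subject, action, obj, situation) or (
        subject == "bob" and action == "write" and situation.get("emergency"))


def refinement_violations(concrete, org="hospital"):
    """Accesses the concrete system grants but the abstract policy does not.
    An empty list means the concrete system refines the abstract policy
    on this finite universe (the obligation a B refinement proves in general)."""
    bad = []
    for s, a, o, sit in product(SUBJECTS, ACTIONS, OBJECTS, SITUATIONS):
        if concrete(s, a, o, sit) and not abstract_decision(org, s, a, o, sit):
            bad.append((s, a, o, sit))
    return bad


if __name__ == "__main__":
    print("concrete_acl violations:", refinement_violations(concrete_acl))
    print("leaky_acl violations:", refinement_violations(leaky_acl))
```

The exhaustive enumeration stands in for the refinement proof only because the universe here is finite; the value of the B development the abstract describes is that the same obligation is discharged once for every instantiation of the policy.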


Keywords: refinement, integration, security policy





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Nazim Benaïssa (2, 3)
  • Dominique Cansell (1, 3)
  • Dominique Méry (2, 3)
  1. Université de Metz
  2. Université Henri Poincaré Nancy 1
  3. LORIA, Vandœuvre-lès-Nancy, France
