Modelling and Verification of Dynamic Role-Based Access Control

  • Inna VistbakkaEmail author
  • Elena Troubitsyna
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11181)


Controlling access to resources is essential for ensuring correctness of system functioning. Role-Based Access Control (RBAC) is a popular authorisation model that regulates the user’s rights to manage system resources based on the user’s role. In this paper, we extend the traditional static approach to defining RBAC and propose as well as formalise a dynamic RBAC model. It allows a designer to explicitly define the dependencies between the system states and permissions to access and modify system resources. To facilitate a systematic description and verification of the dynamic access rights, we propose a contract-based approach and then we demonstrate how to model and verify dynamic RBAC in Event-B. The approach is illustrated by a case study – a reporting management system.


  1. 1.
    Abdunabi, R., Al-Lail, M., Ray, I., France, R.B.: Specification, validation, and enforcement of a generalized spatio-temporal role-based access control model. IEEE Syst. J. 7(3), 501–515 (2013)CrossRefGoogle Scholar
  2. 2.
    Abrial, J.R.: Modeling in Event-B. Cambridge University Press, Cambridge (2010)CrossRefGoogle Scholar
  3. 3.
    Cabot, J., Clarisó, R., Riera, D.: Verifying UML/OCL operation contracts. In: Leuschel, M., Wehrheim, H. (eds.) IFM 2009. LNCS, vol. 5423, pp. 40–55. Springer, Heidelberg (2009). Scholar
  4. 4.
    Ferraiolo, D.F., Sandhu, R.S., Gavrila, S.I., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secur. 4(3), 224–274 (2001)CrossRefGoogle Scholar
  5. 5.
    Fuchs, L., Pernul, G., Sandhu, R.S.: Roles in information security - a aurvey and classification of the research area. Comput. Secur. 30(8), 748–769 (2011)CrossRefGoogle Scholar
  6. 6.
    Laibinis, L., Troubitsyna, E.: A contract-based approach to ensuring component interoperability in Event-B. In: Petre, L., Sekerinski, E. (eds.) From Action Systems to Distributed Systems - The Refinement Approach, pp. 81–96. Chapman and Hall/CRC (2016)Google Scholar
  7. 7.
    Leuschel, M., Butler, M.J.: ProB: an automated analysis toolset for the B method. STTT 10(2), 185–203 (2008)CrossRefGoogle Scholar
  8. 8.
    Meyer, B.: Design by contract: the Eiffel method. Proc. Tools 26, 446 (1998)Google Scholar
  9. 9.
    Milhau, J., Idani, A., Laleau, R., Labiadh, M., Ledru, Y., Frappier, M.: Combining UML, ASTD and B for the formal specification of an access control filter. ISSE 7(4), 303–313 (2011)Google Scholar
  10. 10.
    ProB: Animator and Model Checker. Accessed 06 June 2018
  11. 11.
    Rauf, I., Troubitsyna, E.: Generating cloud monitors from models to secure clouds. In: DSN 2018. IEEE Computer Society (2018, in print)Google Scholar
  12. 12.
    Rauf, I., Vistbakka, I., Troubitsyna, E.: Formal verification of stateful services with REST APIs using Event-B. In: IEEE ICWS 2018. IEEE (2018, in print)Google Scholar
  13. 13.
    Ray, I., Kumar, M., Yu, L.: LRBAC: a location-aware role-based access control model. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, pp. 147–161. Springer, Heidelberg (2006). Scholar
  14. 14.
    Rodin: Event-B platform. Accessed 06 June 2018
  15. 15.
    Sun, W., France, R.B., Ray, I.: Rigorous analysis of UML access control policy models. In: POLICY 2011, pp. 9–16. IEEE Computer Society (2011)Google Scholar
  16. 16.
    Tarasyuk, A., Troubitsyna, E., Laibinis, L.: Integrating stochastic reasoning into Event-B development. Formal Asp. Comput. 27(1), 53–77 (2015)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Troubitsyna, E., Laibinis, L., Pereverzeva, I., Kuismin, T., Ilic, D., Latvala, T.: Towards security-explicit formal modelling of safety-critical systems. In: Skavhaug, A., Guiochet, J., Bitsch, F. (eds.) SAFECOMP 2016. LNCS, vol. 9922, pp. 213–225. Springer, Cham (2016). Scholar
  18. 18.
    Troubitsyna, E., Vistbakka, I.: Deriving and formalising safety and security requirements for control systems. In: SAFECOMP 2018. LNCS. Springer, Cham (2018, in print)Google Scholar
  19. 19.
    Vistbakka, I., Barash, M., Troubitsyna, E.: Towards creating a DSL facilitating modelling of dynamic access control in Event-B. In: Butler, M., Raschke, A., Hoang, T.S., Reichl, K. (eds.) ABZ 2018. LNCS, vol. 10817, pp. 386–391. Springer, Cham (2018). Scholar
  20. 20.
    Vistbakka, I., Troubitsyna, E.: Towards integrated modelling of dynamic access control with UML and Event-B. In: IMPEX/FM&MDD 2017. EPTCS, vol. 271, pp. 105–116 (2018)Google Scholar
  21. 21.
    Vistbakka, I., Troubitsyna, E., Kuismin, T., Latvala, T.: Co-engineering safety and security in industrial control systems: a formal outlook. In: Romanovsky, A., Troubitsyna, E.A. (eds.) SERENE 2017. LNCS, vol. 10479, pp. 96–114. Springer, Cham (2017). Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.Åbo Akademi UniversityTurkuFinland
  2. 2.KTHStockholmSweden

Personalised recommendations