Abstract
This paper proposes an approach to formally verify XACML policies using the process algebra mCRL2. XACML (eXtensible Access Control Markup Language) is an OASIS standard for access control systems that is widely used in health care due to its fine-grained, attribute-based policy definitions, useful in dynamic environments such as emergency wards. A notorious problem in XACML is the detection of conflicts, which arise especially when combining policies, such as when health institutions merge. Our formal translation of XACML policies into mCRL2, using our automated tool XACML2mCRL2, enables us to verify this property, called consistency, as well as other policy properties such as completeness and obligation enforcement. Verifying policy properties statically allows us to resolve inconsistencies in advance, thus avoiding situations where an access request is denied in a critical situation (e.g., in an ambulance, when lives may be put in danger) just because of incomplete or inconsistent policies. The mCRL2 toolset is especially useful for modeling behaviors of interactive systems, where XACML would be only one part. Therefore, we verify an access control system together with the intended health care system that it is supposed to protect. For this, we exemplify how to verify safety and liveness properties of an assisted living and community care system.
Notes
1. The XACML version of all the rules and the corresponding mCRL2 specifications generated using our XACML2mCRL2 tool are available in [4].
2. EU Horizon 2020 ECSEL Joint Undertaking project SCOTT – Secure COnnected Trustable Things (https://scottproject.eu/).
References
Aceto, L., Ingólfsdóttir, A., Larsen, K.G., Srba, J.: Reactive Systems: Modelling, Specification and Verification. Cambridge University Press, Cambridge (2007)
Ahn, G., Hu, H., Lee, J., Meng, Y.: Representing and reasoning about web access control policies. In: Proceedings of the 34th Annual IEEE International Computer Software and Applications Conference, COMPSAC 2010, Seoul, Korea, 19–23 July 2010, pp. 137–146. IEEE Computer Society (2010). https://doi.org/10.1109/COMPSAC.2010.20
Al-Issa, Y., Ottom, M.A., Tamrawi, A.: eHealth cloud security challenges: a survey. J. Healthcare Eng. 2019, 1–15 (2019). https://doi.org/10.1155/2019/7516035
Arshad, H., Horne, R., Johansen, C., Owe, O., Willemse, T.A.C.: GitHub repository for "Process Algebra Can Save Lives: Static Analysis of XACML Access Control Policies using mCRL2" (2022). https://github.com/haamedarshad/XACML2mCRL2
Bryans, J.W.: Reasoning about XACML policies using CSP. In: Proceedings of the 2nd ACM Workshop on Secure Web Services, SWS 2005, Fairfax, VA, USA, November 11, 2005, pp. 28–35. ACM (2005). https://doi.org/10.1145/1103022.1103028
Bryant, R.E.: Graph-based algorithms for Boolean function manipulation. IEEE Trans. Comput. 35(8), 677–691 (1986). https://doi.org/10.1109/TC.1986.1676819
Bunte, O., et al.: The mCRL2 toolset for analysing concurrent systems. In: Vojnar, T., Zhang, L. (eds.) TACAS 2019. LNCS, vol. 11428, pp. 21–39. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17465-1_2
Cantor, S., Moreh, J., Philpott, R., Maler, E.: Metadata for the OASIS security assertion markup language (SAML) V2.0 (2005). http://docs.oasis-open.org/security/saml/v2.0/
Fisler, K., Krishnamurthi, S., Meyerovich, L.A., Tschantz, M.C.: Verification and change-impact analysis of access-control policies. In: 27th International Conference on Software Engineering (ICSE 2005), 15–21 May 2005, St. Louis, Missouri, USA, pp. 196–205. ACM (2005). https://doi.org/10.1145/1062455.1062502
Fokkink, W.: Modelling Distributed Systems. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-73938-8
Fujita, M., McGeer, P.C., Yang, J.Y.: Multi-terminal binary decision diagrams: an efficient data structure for matrix representation. Formal Methods Syst. Des. 10(2), 149–169 (1997). https://doi.org/10.1023/A:1008647823331
Groote, J.F., Keiren, J.J.A.: Tutorial: designing distributed software in mCRL2. In: Peters, K., Willemse, T.A.C. (eds.) FORTE 2021. LNCS, vol. 12719, pp. 226–243. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-78089-0_15
Groote, J.F., Keiren, J.J.A., Luttik, B., de Vink, E.P., Willemse, T.A.C.: Modelling and analysing software in mCRL2. In: Arbab, F., Jongmans, S.-S. (eds.) FACS 2019. LNCS, vol. 12018, pp. 25–48. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-40914-2_2
Groote, J.F., Mousavi, M.R.: Modeling and Analysis of Communicating Systems. MIT Press, Cambridge (2014)
Hathaliya, J.J., Tanwar, S.: An exhaustive survey on security and privacy issues in Healthcare 4.0. Comput. Commun. 153, 311–335 (2020). https://doi.org/10.1016/j.comcom.2020.02.018
Hoare, C.A.R.: Communicating sequential processes. Commun. ACM 21(8), 666–677 (1978). https://doi.org/10.1145/359576.359585
Hu, H., Ahn, G., Kulkarni, K.: Anomaly discovery and resolution in web access control policies. In: 16th ACM Symposium on Access Control Models and Technologies, SACMAT 2011, Innsbruck, Austria, June 15–17, 2011, Proceedings, pp. 165–174. ACM (2011). https://doi.org/10.1145/1998441.1998472
Hu, V.C., et al.: Guide to attribute based access control (ABAC) definition and considerations. NIST Spec. Publ. (SP) 800(162), 1–47 (2014). https://doi.org/10.6028/NIST.SP.800-162
Kolovski, V., Hendler, J.A., Parsia, B.: Analyzing web access control policies. In: Proceedings of the 16th International Conference on World Wide Web, WWW 2007, Banff, Alberta, Canada, May 8–12, 2007, pp. 677–686. ACM (2007). https://doi.org/10.1145/1242572.1242664
Lifschitz, V.: What Is Answer Set Programming? In: Proceedings of the Twenty-Third AAAI Conference on Artificial Intelligence, AAAI 2008, Chicago, Illinois, USA, July 13–17, 2008, pp. 1594–1597. AAAI Press (2008). http://www.aaai.org/Library/AAAI/2008/aaai08-270.php
Lin, D., Rao, P., Bertino, E., Li, N., Lobo, J.: EXAM: a comprehensive environment for the analysis of access control policies. Int. J. Inf. Sec. 9(4), 253–273 (2010). https://doi.org/10.1007/s10207-010-0106-1
Marek, V.W., Truszczynski, M.: Stable models and an alternative logic programming paradigm. In: The Logic Programming Paradigm - A 25-Year Perspective, pp. 375–398. Artificial Intelligence, Springer, Cham (1999). https://doi.org/10.1007/978-3-642-60085-2_17
Morisset, C., Willemse, T.A.C., Zannone, N.: A framework for the extended evaluation of ABAC policies. Cybersecurity 2(1), 1–21 (2019). https://doi.org/10.1186/s42400-019-0024-0
Parducci, B., Lockhart, H., Rissanen, E.: Extensible access control markup language (XACML) version 3.0. OASIS Standard, pp. 1–154 (2013)
Ramli, C.D.P.K., Nielson, H.R., Nielson, F.: The logic of XACML. Sci. Comput. Program. 83, 80–105 (2014). https://doi.org/10.1016/j.scico.2013.05.003
Rao, P., Lin, D., Bertino, E., Li, N., Lobo, J.: An algebra for fine-grained integration of XACML policies. In: 14th ACM Symposium on Access Control Models and Technologies, SACMAT 2009, Stresa, Italy, June 3–5, 2009, Proceedings, pp. 63–72. ACM (2009). https://doi.org/10.1145/1542207.1542218
Ray, I., Ong, T.C., Ray, I., Kahn, M.G.: Applying attribute based access control for privacy preserving health data disclosure. In: IEEE-EMBS International Conference on Biomedical and Health Informatics (BHI), pp. 1–4. IEEE, Las Vegas, NV, USA (2016). https://doi.org/10.1109/BHI.2016.7455820
Turkmen, F., den Hartog, J., Ranise, S., Zannone, N.: Formal analysis of XACML policies using SMT. Comput. Secur. 66, 185–203 (2017). https://doi.org/10.1016/j.cose.2017.01.009
© 2022 IFIP International Federation for Information Processing
Cite this paper
Arshad, H., Horne, R., Johansen, C., Owe, O., Willemse, T.A.C. (2022). Process Algebra Can Save Lives: Static Analysis of XACML Access Control Policies Using mCRL2. In: Mousavi, M.R., Philippou, A. (eds) Formal Techniques for Distributed Objects, Components, and Systems. FORTE 2022. Lecture Notes in Computer Science, vol 13273. Springer, Cham. https://doi.org/10.1007/978-3-031-08679-3_2
DOI: https://doi.org/10.1007/978-3-031-08679-3_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-08678-6
Online ISBN: 978-3-031-08679-3