Abstract
Delegation is widely used in large organizations, where access to systems needs to be controlled and often depends on a user's role within the organization. Delegation allows access rights to be granted under certain, often temporal, conditions. Usually, a delegation policy specifies the authority to delegate, and an administrative delegation operation changes the authorization policy accordingly. Unfortunately, in common practice the consequences of these changes are not checked before the delegation is 'in effect'. In this work, we present a systematic, automated approach to verify, before actual enforcement in the system, that a subject has the right to perform a delegation and that this delegation will not introduce Separation of Duties (SoD) conflicts. We implement the delegation operation as an ATL transformation and apply our previous work on automatic transformation verification to check an authorization policy that is modified by a delegation policy. Following an automated process, our approach allows us to check: i) that delegation is only performed when the conditions for legitimate delegation, which we formalize in OCL, hold; ii) that the output of our transformation is always a valid authorization policy whenever it is obtained by executing the delegation operation on a valid authorization and delegation policy; iii) the absence of SoD conflicts in the resulting authorization policy, for which we provide patterns that can be instantiated following the policy's rules, as we illustrate.
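The three checks listed in the abstract, sketched as a dry run on one concrete RBAC policy. This is an added example, not the chapter's ATL/OCL artifacts: it tests a single policy instance rather than verifying the transformation for all inputs, and the `Policy` fields, function names and sample users and roles are assumptions made for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Policy:
    users: frozenset
    roles: frozenset
    assigned: frozenset   # (user, role) pairs
    delegable: frozenset  # (user, role): user may delegate role
    sod: frozenset        # frozenset({r1, r2}): mutually exclusive roles

def well_formed(p):
    """Assignments and SoD pairs only mention declared users and roles."""
    return (all(u in p.users and r in p.roles for u, r in p.assigned)
            and all(len(pair) == 2 and pair <= p.roles for pair in p.sod))

def sod_conflicts(p):
    """(user, role pair) for each user holding both roles of an SoD pair."""
    held = {u: {r for v, r in p.assigned if v == u} for u in p.users}
    return sorted((u, tuple(sorted(pair))) for u in p.users
                  for pair in p.sod if pair <= held[u])

def dry_run_delegation(p, delegator, delegatee, role, start, end, now):
    """Return (policy after delegation or None, reasons for rejection)."""
    reasons = []
    if (delegator, role) not in p.assigned:
        reasons.append("delegator does not hold the role")
    if (delegator, role) not in p.delegable:
        reasons.append("delegator has no authority to delegate the role")
    if delegatee not in p.users:
        reasons.append("unknown delegatee")
    if not (start <= now < end):
        reasons.append("outside the delegation's validity window")
    if reasons:
        return None, reasons
    # Apply the change to a copy; the enforced policy is untouched.
    after = replace(p, assigned=p.assigned | {(delegatee, role)})
    if not well_formed(after):
        reasons.append("result is not a well-formed policy")
    before = sod_conflicts(p)
    reasons += [f"SoD conflict for {u}: {a}/{b}"
                for u, (a, b) in sod_conflicts(after) if (u, (a, b)) not in before]
    return (None, reasons) if reasons else (after, [])

# Constructed sample policy (all names are illustrative).
POLICY = Policy(
    users=frozenset({"alice", "bob", "carol"}),
    roles=frozenset({"approver", "requester", "auditor"}),
    assigned=frozenset({("alice", "approver"), ("bob", "requester"), ("carol", "auditor")}),
    delegable=frozenset({("alice", "approver")}),
    sod=frozenset({frozenset({"approver", "requester"})}))
```
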
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Egea, M., Büttner, F. (2014). Verification of Authorization Policies Modified by Delegation. In: Heisel, M., Joosen, W., Lopez, J., Martinelli, F. (eds) Engineering Secure Future Internet Services and Systems. Lecture Notes in Computer Science, vol 8431. Springer, Cham. https://doi.org/10.1007/978-3-319-07452-8_12
DOI: https://doi.org/10.1007/978-3-319-07452-8_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-07451-1
Online ISBN: 978-3-319-07452-8
eBook Packages: Computer Science, Computer Science (R0)