ALPS: An Action Language for Policy Specification and Automated Safety Analysis

  • Silvio Ranise
  • Riccardo Traverso
Conference paper

DOI: 10.1007/978-3-319-11851-2_10

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8743)
Cite this paper as:
Ranise S., Traverso R. (2014) ALPS: An Action Language for Policy Specification and Automated Safety Analysis. In: Mauw S., Jensen C.D. (eds) Security and Trust Management. STM 2014. Lecture Notes in Computer Science, vol 8743. Springer, Cham

Abstract

Authorization conditions of access control policies are complex and varied as they might depend, e.g., on the current time, the position of the users, selected parts of the system state, and even on the history of the computations. Several models, languages, and enforcement mechanisms have been proposed for different scenarios. Unfortunately, this complicates the verification of safety, i.e. no permission is leaked to unauthorized users. To avoid these problems, we present an intermediate language called Action Language for Policy Specification. Two desiderata drive its definition: (i) it should support as many models and policies as possible and (ii) it should be easily integrated in existing verification systems so that robust techniques (e.g., model checking or satisfiability solving) can be exploited to safety. We argue (i) by using selected examples of access control models and policies taken from the literature. For (ii), we prove some theoretical properties of the language that pave the way to the definition of automatic translations to available verification techniques.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Silvio Ranise
    • 1
  • Riccardo Traverso
    • 1
  1. 1.FBK (Fondazione Bruno Kessler)TrentoItaly

Personalised recommendations