
From Formal Access Control Policies to Runtime Enforcement Aspects

  • Conference paper
Engineering Secure Software and Systems (ESSoS 2009)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 5429)

Abstract

We present an approach that addresses both the formal specification and verification and the runtime enforcement of RBAC access control policies, including application-specific constraints such as separation of duty (SoD). We introduce Temporal \(\cal{Z}\), a formal language based on Z and temporal logic, which provides domain-specific predicates for expressing RBAC and SoD constraints. An aspect-oriented language with domain-specific concepts for RBAC and SoD constraints is used for the runtime enforcement of policies. Enforcement aspects are generated automatically from Temporal \(\cal{Z}\) specifications, which avoids the errors and inconsistencies that can be introduced when enforcement code is written by hand. Furthermore, the use of aspects keeps the enforcement code modular and separate from the business logic.
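The enforcement pattern the abstract describes, as an added example in Python that is not code from the paper: RBAC permissions, a static SoD constraint (mutually exclusive roles, checked when a role is assigned), a dynamic, history-based SoD constraint (the user who submitted an order may not approve the same order), and a decorator that stands in for the generated enforcement aspect by intercepting business methods, checking the policy before the call and recording the action afterwards. The roles, users, the purchase-order scenario and every identifier below are constructed for this illustration; the paper's aspects are generated from Temporal Z specifications and target an aspect-oriented language, which this hand-written analogue does not reproduce.

```python
from dataclasses import dataclass, field
from functools import wraps
from typing import Callable, Dict, FrozenSet, List, Set, Tuple

Permission = Tuple[str, str]          # (action, object type)
HistoryEntry = Tuple[str, str, str]   # (user, action, object id)


class AccessDenied(PermissionError):
    """Raised by the enforcement layer; business code never runs on a denied call."""


@dataclass
class RBACPolicy:
    role_permissions: Dict[str, Set[Permission]]
    user_roles: Dict[str, Set[str]] = field(default_factory=dict)
    # Static SoD: pairs of roles one user may never hold at the same time.
    static_sod: Set[FrozenSet[str]] = field(default_factory=set)
    # Dynamic SoD: (first, second) means a user who did `first` on an object
    # may not do `second` on the same object; needs the execution history.
    dynamic_sod: Set[Tuple[str, str]] = field(default_factory=set)
    history: List[HistoryEntry] = field(default_factory=list)

    def assign_role(self, user: str, role: str) -> None:
        held = self.user_roles.setdefault(user, set())
        for pair in self.static_sod:
            if role in pair and (pair - {role}) & held:
                raise AccessDenied(f"static SoD: {user} cannot hold {sorted(pair)}")
        held.add(role)

    def permitted(self, user: str, action: str, obj_type: str) -> bool:
        return any((action, obj_type) in self.role_permissions.get(r, set())
                   for r in self.user_roles.get(user, set()))

    def dynamic_sod_violated(self, user: str, action: str, obj_id: str) -> bool:
        earlier = {a for (u, a, o) in self.history if u == user and o == obj_id}
        return any(first in earlier for (first, second) in self.dynamic_sod
                   if second == action)

    def authorize(self, user: str, action: str, obj_type: str, obj_id: str) -> None:
        if not self.permitted(user, action, obj_type):
            raise AccessDenied(f"RBAC: {user} may not {action} {obj_type}")
        if self.dynamic_sod_violated(user, action, obj_id):
            raise AccessDenied(f"dynamic SoD: {user} may not {action} {obj_id}")


def enforce(action: str, obj_type: str) -> Callable:
    """Stand-in for an enforcement aspect: before-advice checks the policy,
    after-advice records the action; the wrapped method stays policy-free."""
    def decorator(fn: Callable) -> Callable:
        @wraps(fn)
        def wrapper(service, user: str, obj, *args, **kwargs):
            service.policy.authorize(user, action, obj_type, obj.obj_id)
            result = fn(service, user, obj, *args, **kwargs)
            service.policy.history.append((user, action, obj.obj_id))
            return result
        return wrapper
    return decorator


@dataclass
class PurchaseOrder:
    obj_id: str
    status: str = "draft"


class PurchasingService:
    """Plain business logic; all enforcement lives in the decorators."""
    def __init__(self, policy: RBACPolicy) -> None:
        self.policy = policy

    @enforce("submit", "order")
    def submit(self, user: str, order: PurchaseOrder) -> str:
        order.status = "submitted"
        return order.status

    @enforce("approve", "order")
    def approve(self, user: str, order: PurchaseOrder) -> str:
        order.status = "approved"
        return order.status


def build_policy() -> RBACPolicy:
    policy = RBACPolicy(
        role_permissions={"clerk": {("submit", "order")},
                          "manager": {("submit", "order"), ("approve", "order")}},
        static_sod={frozenset({"manager", "auditor"})},
        dynamic_sod={("submit", "approve")},
    )
    policy.assign_role("alice", "clerk")
    policy.assign_role("bob", "manager")
    return policy


def run_scenario() -> Dict[str, str]:
    """Constructed walkthrough; returns the outcome of each attempted call."""
    policy, out = build_policy(), {}
    svc = PurchasingService(policy)
    po1, po2 = PurchaseOrder("PO-1"), PurchaseOrder("PO-2")
    out["alice_submit"] = svc.submit("alice", po1)
    try:
        svc.approve("alice", po1)              # clerk has no approve permission
    except AccessDenied as e:
        out["alice_approve"] = str(e)
    svc.submit("bob", po2)
    try:
        svc.approve("bob", po2)                # bob submitted PO-2 himself
    except AccessDenied as e:
        out["bob_approve_own"] = str(e)
    out["bob_approve_other"] = svc.approve("bob", po1)   # submitted by alice
    try:
        policy.assign_role("bob", "auditor")   # conflicts with manager
    except AccessDenied as e:
        out["bob_auditor"] = str(e)
    return out


if __name__ == "__main__":
    for name, outcome in run_scenario().items():
        print(f"{name}: {outcome}")
```

Two points this makes concrete: the static constraint is decided at role assignment time and needs no history, whereas the dynamic constraint can only be decided at call time from the recorded trace, which is why the paper pairs a temporal specification language with runtime interception. A decorator is applied per method by hand; a real aspect with a pointcut would match the protected methods declaratively, which is what removes the hand-written and easily forgotten checks the abstract warns about.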




Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kallel, S., Charfi, A., Mezini, M., Jmaiel, M., Klose, K. (2009). From Formal Access Control Policies to Runtime Enforcement Aspects. In: Massacci, F., Redwine, S.T., Zannone, N. (eds) Engineering Secure Software and Systems. ESSoS 2009. Lecture Notes in Computer Science, vol 5429. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00199-4_2


  • DOI: https://doi.org/10.1007/978-3-642-00199-4_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-00198-7

  • Online ISBN: 978-3-642-00199-4

  • eBook Packages: Computer Science (R0)
