Policy Analysis for Self-administrated Role-Based Access Control

  • Anna Lisa Ferrara
  • P. Madhusudan
  • Gennaro Parlato
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7795)


Current techniques for security analysis of administrative role-based access control (ARBAC) policies restrict themselves to the separate administration assumption that essentially separates administrative roles from regular ones. The naive algorithm of tracking all users is all that is known for the analysis of ARBAC policies without separate administration, and the state space explosion that this results in precludes building effective tools. In contrast, the separate administration assumption greatly simplifies the analysis since it makes it sufficient to track only one user at a time. However, separation limits the expressiveness of the models and restricts modeling distributed administrative control. We undertake a fundamental study of analysis of ARBAC policies without the separate administration restriction, and show that analysis algorithms can be built that track only a bounded number of users, where the bound depends only on the number of administrative roles in the system. Using this fundamental insight paves the way for us to design an involved heuristic to further tame the state space explosion in practical systems. Our results are also very effective when applied on policies designed under the separate administration restriction. We implement our techniques and report on experiments conducted on several realistic case studies.


Security Analysis Access Control Policy Pruning Algorithm Role Goal Pruning Rule 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
  3. 3.
  4. 4.
    Ferrara, A.L., Madhusudan, P., Parlato, G.: Security analysis of access control policies through program verification. In: CSF, pp. 113–125. IEEE (2012)Google Scholar
  5. 5.
    Crampton, J.: Understanding and developing role-based administrative models. In: CCS, pp. 158–167. ACM (2005)Google Scholar
  6. 6.
    Ferraiolo, D., Kuhn, R.: Role-based access control. In: NCSC, pp. 554–563 (1992)Google Scholar
  7. 7.
    Gofman, M.I., Luo, R., Solomon, A.C., Zhang, Y., Yang, P., Stoller, S.D.: RBAC-PAT: A Policy Analysis Tool for Role Based Access Control. In: Kowalewski, S., Philippou, A. (eds.) TACAS 2009. LNCS, vol. 5505, pp. 46–49. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  8. 8.
    Jayaraman, K., Ganesh, V., Tripunitara, M., Rinard, M.C., Chapin, S.J.: Arbac policy for a large multi-national bank (2010),
  9. 9.
    Jayaraman, K., Ganesh, V., Tripunitara, M.V., Rinard, M.C., Chapin, S.J.: Automatic error finding in access-control policies. In: CCS, pp. 163–174. ACM (2011)Google Scholar
  10. 10.
    Jha, S., Li, N., Tripunitara, M.V., Wang, Q., Winsborough, W.H.: Towards formal verification of role-based access control policies. IEEE Trans. Dependable Sec. Comput. 5(4), 242–255 (2008)CrossRefGoogle Scholar
  11. 11.
    Kern, A.: Advanced features for enterprise-wide role-based access control. In: ACSAC, pp. 333–342. IEEE (2002)Google Scholar
  12. 12.
    La Torre, S., Madhusudan, P., Parlato, G.: Analyzing recursive programs using a fixed-point calculus. In: PLDI, pp. 211–222. ACM (2009)Google Scholar
  13. 13.
    Li, N., Mao, Z.: Administration in role-based access control. In: ASIACCS, pp. 127–138. ACM (2007)Google Scholar
  14. 14.
    Li, N., Tripunitara, M.V.: Security analysis in role-based access control. In: SACMAT, pp. 126–135. ACM (2004)Google Scholar
  15. 15.
  16. 16.
    Sandhu, R.S., Bhamidipati, V., Munawer, Q.: The arbac97 model for role-based administration of roles. ACM Trans. Inf. Syst. Secur. 2(1), 105–135 (1999)CrossRefGoogle Scholar
  17. 17.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)CrossRefGoogle Scholar
  18. 18.
    Sandhu, R.S., Munawer, Q.: The arbac99 model for administration of roles. In: ACSAC, pp. 229–238. IEEE (1999)Google Scholar
  19. 19.
    Sasturkar, A., Yang, P., Stoller, S.D., Ramakrishnan, C.R.: Policy analysis for administrative role based access control. Tech. Rep., Stony Brook Univ. (2006)Google Scholar
  20. 20.
    Sasturkar, A., Yang, P., Stoller, S.D., Ramakrishnan, C.R.: Policy analysis for administrative role based access control. In: CSFW, pp. 124–138. IEEE (2006)Google Scholar
  21. 21.
    Stoller, S.D., Yang, P., Gofman, M.I., Ramakrishnan, C.R.: Symbolic reachability analysis for parameterized administrative role-based access control. Computers & Security 30(2-3), 148–164 (2011)CrossRefGoogle Scholar
  22. 22.
    Stoller, S.D., Yang, P., Ramakrishnan, C.R., Gofman, M.I.: Efficient policy analysis for administrative role based access control. In: CCS, pp. 445–455. ACM (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Anna Lisa Ferrara
    • 1
  • P. Madhusudan
    • 2
  • Gennaro Parlato
    • 3
  1. 1.University of BristolUK
  2. 2.University of IllinoisUSA
  3. 3.University of SouthamptonUK

Personalised recommendations