Concurrent Usage Control Implementation Verification Using the SPIN Model Checker

  • Conference paper
Recent Trends in Network Security and Applications (CNSA 2010)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 89)

Abstract

The UCON_A usage control authorization model supports concurrency, but the model leaves the issue of synchronizing usage control processes to the implementation. Manually verifying an application-specific concurrent usage control implementation is a hard problem. In this paper, we show how a formal verification tool, the SPIN model checker, can be used to verify the correctness of a concurrent usage control implementation. We also provide an illustrative case study.

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rajkumar, P.V., Ghosh, S.K., Dasgupta, P. (2010). Concurrent Usage Control Implementation Verification Using the SPIN Model Checker. In: Meghanathan, N., Boumerdassi, S., Chaki, N., Nagamalai, D. (eds) Recent Trends in Network Security and Applications. CNSA 2010. Communications in Computer and Information Science, vol 89. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14478-3_22

  • DOI: https://doi.org/10.1007/978-3-642-14478-3_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14477-6

  • Online ISBN: 978-3-642-14478-3

  • eBook Packages: Computer Science, Computer Science (R0)
