An Incremental B-Model for RBAC-Controlled Electronic Marking System

The incremental development of software through the addition of new features and the insertion of new access rules potentially renders the access control models inconsistent and creates security flaws. This paper proposes modeling Role Based Access Control (RBAC) models of these software using the B language and re-evaluating the consistency of the models following model changes. It shows the mechanism of formalizing RBAC policies of an Electronic Marking System (EMS) using B specifications and illustrates the verification of the consistency of the RBAC specification, using model checking and proof obligations. In addition, it shows how to address inconsistencies that result from incremental specification of system' architectures.

MoreLess

Year of publication:	2016
Authors:	Aziz, Benjamin ; Al-hadhrami, Nasser ; Othmane, Lotfi ben
Published in:	International Journal of Secure Software Engineering (IJSSE). - IGI Global, ISSN 1947-3044, ZDB-ID 2703749-6. - Vol. 7.2016, 2 (01.04.), p. 37-64
Publisher:	IGI Global
Subject:	Incremental Software Development \| Model Checking \| Proof Obligations \| Role-Based Access Control Constraints

More details

Type of publication:	Article
Language:	English
Other identifiers:	10.4018/IJSSE.2016040103 [DOI]
Source:	Other ZBW resources

Persistent link: https://www.econbiz.de/10012048073