Title | ||
---|---|---|
A verifiable formal specification for RBAC model with constraints of separation of duty |
Abstract | ||
---|---|---|
Formal method provides a way to achieve an exact and consistent definition of security for a given scenario. This paper presents a formal state-based verifiable RBAC model described with Z language, in which the state-transition functions are specified formally. Based on the separation of duty policy, the constraint rules and security theorems are constructed. Using a case study, we show how to specify and verify the consistency of formal RBAC system with theorem proving. By specifying RBAC model formally, it provides a precise description for the system security requirements. The internal consistency of this model can be validated by verification of the model. |
Year | DOI | Venue |
---|---|---|
2006 | 10.1007/11937807_16 | Inscrypt |
Keywords | Field | DocType |
consistent definition,verifiable formal specification,formal method,system security requirement,z language,security theorem,rbac model,formal rbac system,case study,internal consistency,state-based verifiable rbac model,formal specification,theorem proving,system security,separation of duty,state transition | Computer science,Computer security,Automated theorem proving,Role-based access control,Proof theory,Formal specification,Verifiable secret sharing,Access control,Formal methods,Separation of duties | Conference |
Volume | ISSN | ISBN |
4318 | 0302-9743 | 3-540-49608-4 |
Citations | PageRank | References |
15 | 0.64 | 10 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Chunyang Yuan | 1 | 18 | 1.73 |
Yeping He | 2 | 77 | 14.64 |
Jian-Bo He | 3 | 21 | 1.36 |
Zhouyi Zhou | 4 | 17 | 1.38 |