Specification and Refinement of Access Control - INRIA - Institut National de Recherche en Informatique et en Automatique
Journal article, Journal of Universal Computer Science, Year: 2007

Specification and Refinement of Access Control

Abstract

We consider the extension of fair event system specifications by concepts of access control (prohibitions, user rights, and obligations). We give proof rules for verifying that an access control policy is correctly implemented in a system, and consider preservation of access control by refinement of event systems. Prohibitions and obligations are expressed as properties of traces and are preserved by standard refinement notions of event systems. Preservation of user rights is not guaranteed by construction; we propose to combine implementation-level user rights and obligations to implement high-level user rights.
File not deposited

Dates and versions

inria-00147824, version 1 (21-05-2007)

Identifiers

  • HAL Id: inria-00147824, version 1

Cite

Dominique Méry, Stephan Merz. Specification and Refinement of Access Control. Journal of Universal Computer Science, 2007, 13 (8), pp.1073-1093. ⟨inria-00147824⟩