A Rigorous Framework for Specification, Analysis and Enforcement of Access Control Policies
Andrea Margheri,
Massimiliano Masi,
Rosario Pugliese and
Francesco Tiezzi
Additional contact information
Andrea Margheri: Dipartimento di Statistica, Informatica, Applicazioni "G. Parenti", Università di Firenze - Dipartimento di Informatica, Università di Pisa
Massimiliano Masi: Tiani "Spirit" GmbH, Vienna, Austria
Rosario Pugliese: Dipartimento di Statistica, Informatica, Applicazioni "G. Parenti", Università di Firenze, https://www.disia.unifi.it
Francesco Tiezzi: Università di Camerino
No 2016_05, Econometrics Working Papers Archive from Universita' degli Studi di Firenze, Dipartimento di Statistica, Informatica, Applicazioni "G. Parenti"
Abstract:
Access control systems are widely used means for the protection of computing systems. They are defined in terms of access control policies regulating the accesses to system resources. In this paper, we introduce a formally-defined, fully-implemented framework for the specification, analysis and enforcement of attribute-based access control policies. The framework rests on FACPL, a formal language with a compact, yet expressive, syntax that permits expressing real-world access control policies. By relying on the FACPL denotational semantics, we devise a constraint formalism that uniformly represents access control policies in terms of SMT formulae, whose solvers provide effective and efficient analysis. To this aim, we introduce and formalise a set of properties that permit assessing the authorisations enforced by policies and understanding the relationships among them. Our analysis approach explicitly addresses the role of missing attributes, erroneous values and obligations, that are crucial in policy evaluation and are instead overlooked in other proposals. The framework is supported by Java-based tools that allow access control system developers to use formally-defined functionalities without requiring them to be familiar with formal methods.
Keywords: Attribute-based Access Control; Policy Languages; Policy Analysis; SMT
Pages: 52
Date: 2016-04
Downloads:
https://labdisia.disia.unifi.it/wp_disia/2016/wp_disia_2016_05.pdf First version, 2016-04 (application/pdf)
Persistent link: https://EconPapers.repec.org/RePEc:fir:econom:wp2016_05
Bibliographic data for series maintained by Fabrizio Cipollini.