EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Validation of IS Security Policies Featuring Authorisation Constraints

Yves Ledru, Akram Idani, Jérémy Milhau, Nafees Qamar, Régine Laleau, Jean-Luc Richier and Mohamed Amine Labiadh
Additional contact information
Yves Ledru: University Grenoble Alpes, LIG, Grenoble, France
Akram Idani: University Grenoble Alpes, LIG, Grenoble, France
Jérémy Milhau: Université Paris-Est, LACL, UPEC, IUT Sénart-Fontainebleau, France
Nafees Qamar: University Grenoble Alpes, LIG, Grenoble, France
Régine Laleau: Université Paris-Est, LACL, UPEC, IUT Sénart-Fontainebleau, France
Jean-Luc Richier: CNRS, LIG, Grenoble, France
Mohamed Amine Labiadh: University Grenoble Alpes, LIG, Grenoble, France

International Journal of Information System Modeling and Design (IJISMD), 2015, vol. 6, issue 1, 24-46

Abstract: Designing a security policy for an information system (IS) is a non-trivial task. Variants of the RBAC model can be used to express such policies as access-control rules associated to constraints. In this paper, we advocate that currently available tools do not take sufficiently into account the functional description of the application and its impact on authorisation constraints and dynamic aspects of security. The authors suggest translating both security and functional models into a formal language, such as B, whose analysis and animation tools will help validate a larger set of security scenarios. The authors describe how various kinds of constraints can be expressed and animated in this context. The authors also present a tool support which performs this translation and report on a case study where animation and testing techniques were used to validate the security policy of a medical emergency information system.

Date: 2015
References: Add references at CitEc
Citations:

Downloads: (external link)
http://services.igi-global.com/resolvedoi/resolve. ... 18/ijismd.2015010102 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:igg:jismd0:v:6:y:2015:i:1:p:24-46

Access Statistics for this article

International Journal of Information System Modeling and Design (IJISMD) is currently edited by Thierry O. C. Edoh

More articles in International Journal of Information System Modeling and Design (IJISMD) from IGI Global
Bibliographic data for series maintained by Journal Editor ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-04-19
Handle: RePEc:igg:jismd0:v:6:y:2015:i:1:p:24-46