demonstration

Role-based trust management security policy analysis and correction environment (RT-SPACE)

Authors:

Mark Reith,

Jianwei Niu,

William H. WinsboroughAuthors Info & Claims

ICSE Companion '08: Companion of the 30th international conference on Software engineering

Pages 929 - 930

https://doi.org/10.1145/1370175.1370192

Published: 10 May 2008 Publication History

Get Access

Abstract

This paper presents RT-SPACE, a tool suite for authoring, verifying, and correcting RT access control policies. RT is a role-based trust management framework well suited for use in systems that must protect the interests of multiple stakeholders in a decentralized environment.

References

[1]

E. R. Gansner and S. C. North. An open graph visualization system and its applications to software engineering. Software ? Practice and Experience, 30(11):1203--1233, 2000.

Digital Library

Google Scholar

[2]

S. Jha, N. Li, M. Tripunitara, Q. Wang, and W. Winsborough. Towards formal verification of role-based access control policies. To appear in IEEE Trans. on Dependable & Secure Computing (TDSC).

Digital Library

Google Scholar

[3]

S. Jha and T. Reps. Model checking SPKI/SDSI. In Journal of Computer Security, volume 12, pages 317--353, 2004.

Digital Library

Google Scholar

[4]

J. Jurjens. Sound methods and effective tools for model-based security engineering with UML. In 27th ICSE, pages 322--331, 2005.

Digital Library

Google Scholar

[5]

N. Li, J. C. Mitchell, and W. H. Winsborough. Beyond proof-of-compliance: Security analysis in trust management. JACM, 52(3):474--514, 2005.

Digital Library

Google Scholar

[6]

K. McMillan. Symbolic Model Checking: An Approach to the State Explosion Problem. 1993.

Digital Library

Google Scholar

[7]

M. Reith, J. Niu, and W. H. Winsborough. Policy analysis framework for verification and correction. Technical Report CS-TR-2007-006, UTSA, 2007.

Google Scholar

[8]

A. P. Sistla and M. Zhou. Analysis of dynamic policies. In Foundations of Comp. Sec. & Automated Reasoning for Security Protocol Analysis, pages 233--262, 2006.

Google Scholar

Cited By

View all

Niu JReith MWinsborough W(2014)Formal verification of security properties in trust management policyJournal of Computer Security10.5555/2590636.259063922:1(69-153)Online publication date: 1-Jan-2014
https://dl.acm.org/doi/10.5555/2590636.2590639
Liao CChang JLee IVenkatasubramanian K(2013)A trust model for vehicular network-based incident reports2013 IEEE 5th International Symposium on Wireless Vehicular Communications (WiVeC)10.1109/wivec.2013.6698224(1-5)Online publication date: Jun-2013
https://doi.org/10.1109/wivec.2013.6698224

Index Terms

Role-based trust management security policy analysis and correction environment (RT-SPACE)

Recommendations

Policy analysis for administrative role based access control without separate administration
Data and Applications Security

Role based access control RBAC is a widely used approach to access control with well-known advantages in managing authorization policies. This paper considers user-role reachability analysis of administrative role based access control ARBAC, which ...
Policy analysis for Administrative Role-Based Access Control

Role-Based Access Control (RBAC) is a widely used model for expressing access control policies. In large organizations, the RBAC policy may be collectively managed by many administrators. Administrative RBAC (ARBAC) models express the authority of ...
Policy Analysis for Administrative Role Based Access Control
CSFW '06: Proceedings of the 19th IEEE workshop on Computer Security Foundations

Role-Based Access Control (RBAC) is a widely used model for expressing access control policies. In large organizations, the RBAC policy may be collectively managed by many administrators. Administrative RBAC (ARBAC) is a model for expressing the ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ICSE Companion '08: Companion of the 30th international conference on Software engineering

May 2008

214 pages

ISBN:9781605580791

DOI:10.1145/1370175

General Chair:
Wilhelm Schäfer
University of Paderborn
,
Program Chairs:
Matthew B. Dwyer
University of Nebraska
,
Volker Gruhn
University of Leipzig

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 May 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Demonstration

Conference

ICSE '08

Sponsor:

ICSE '08: International Conference on Software Engineering

May 10 - 18, 2008

Leipzig, Germany

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
213
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 23 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Niu JReith MWinsborough W(2014)Formal verification of security properties in trust management policyJournal of Computer Security10.5555/2590636.259063922:1(69-153)Online publication date: 1-Jan-2014
https://dl.acm.org/doi/10.5555/2590636.2590639
Liao CChang JLee IVenkatasubramanian K(2013)A trust model for vehicular network-based incident reports2013 IEEE 5th International Symposium on Wireless Vehicular Communications (WiVeC)10.1109/wivec.2013.6698224(1-5)Online publication date: Jun-2013
https://doi.org/10.1109/wivec.2013.6698224

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Policy analysis for administrative role based access control without separate administration

Policy analysis for Administrative Role-Based Access Control

Policy Analysis for Administrative Role Based Access Control