期刊文献+

基于模型检测的URA-SAP安全性验证

URA-SAP Security Verification Based on Model Checking for RBAC Access Control Systems
原文传递
导出
摘要 在RBAC访问控制系统的安全性分析问题(RBAC-SAP)中,用户-角色分配相关的安全性分析问题(URA-SAP)是其中最重要的一个子问题,即用户-角色分配关系的变化对系统安全性的影响问题。提出了一种将URA-SAP转化为模型检测问题的自动化验证算法,实验表明采用该算法并结合现有的模型检测工具可以有效地解决URA-SAP问题。 User-role assignment security analysis is the most important thing in security analysis of in RBAC access control systems, that is to say, the changes of user-role assignment have notable impact on the system security. Based on the definition and computational complexity of this problem, an automatic verification algorithm, which translates URA-SAP into model checking problem, is proposed in this paper. Experiment indicates that this algorithm, in combination with the existing model checking tool, could effectively solve the problem of URA-SAP security verification.
作者 邹林 潘理
出处 《信息安全与通信保密》 2010年第6期71-73,81,共4页 Information Security and Communications Privacy
基金 国家自然科学基金资助项目(批准号:60903191) 国家高技术研究发展计划(863)资助项目(编号:2007AA01Z457)
关键词 安全分析 模型检测 SAP问题 security analysis model checking SAP
  • 相关文献

参考文献6

  • 1Li Ninghui,MitchellJ C,Winsborough W H.Beyond Proof-of-compliance:Security Analysis in Trust Management[J].Journal of the ACM(JACM),2005,52(03):474-514.
  • 2Sandhu R S,Bhamidipati V,Munawer Q.The ARBAC97 Model for Role-Based Administration of Roles[J].ACM Trans.Information and Systems Security,1999,02(01):105-135.
  • 3Jha Somesh,Li Ninghui,Wang Qihua.Toward Formal Verification of Role-Based Access Control Policies]J].IEEE Transactions on Dependable and Secure Computing,2008,05(04):242-255.
  • 4Jackson D.Alloy:A Lightweight Object Modeling Notation[J].ACM Trans.Sofiw.Eng.Methodol,2002,11(02):256-290.
  • 5Sandhu R S,Munawer Q.Role-based Administration of User-role Assignment:The URA97 Model and Its Oracle Implementation[J].Journal of Computer Security,1999,07(04):317-5342.
  • 6吴世忠.信息安全风险管理的动态与趋势[J].信息安全与通信保密,2007,29(3):14-17. 被引量:2

共引文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部