基于模型检测的工作流访问控制策略验证被引量：3

Validation of access control policies of workflow management system based on model checking

下载PDF

导出

摘要访问控制策略的有效性对工作流管理系统的安全稳定运行具有重要影响,针对这一问题,提出了一种基于模型检测的工作流管理系统访问控制策略验证方法。建立了工作流管理系统的访问控制策略模型与工作流执行主体任务权限状态模型,并在此基础上对访问控制策略的有效性进行验证。实验表明该算法具有有效性和合理性,为访问控制策略的验证提供了一条新的解决途径。 The validity of access control policies seriously affects the safe and stable operation of the workflow management system. To deal with this problem, this paper presented a validation method of access control policies of the workflow management system based on the model checking. On the basis of the establishment of the access control policy model and the task permission state of the subjects of the workflow management system the effectiveness of policies were validated. The experiments show that the algorithm is effective and rational, and provides a new solution to validate the access control polices.

作者陈妍唐成华吴丹

机构地区北京理工大学计算机网络攻防对抗技术实验室桂林电子科技大学计算机与控制学院

出处《计算机应用研究》 CSCD 北大核心 2010年第2期692-696,共5页 Application Research of Computers

基金国家"863"计划资助项目(2007AA01Z449) 中国博士后科学基金资助项目(20070420793)

关键词工作流访问控制策略策略验证模型检测 workflow access control policies policy validation model checking

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献8

1MARTIN E. Automated test generation for access control policies [ C ]//Proc of Conference on Object-Oriented Programming Systems, Languages, and Applications. New York: Association for Computing Machinery, 2006:752-753.
2FISLER K, KRISHNAMURTHI S, MEYEROVICH L A, et al. Verification and change-impact analysis of access-control policies [ C ]// Proc of the 27th International Conference on Software Engineering. New York : Association for Computing Machinery, 2005:96-205.
3KNORR K. Dynamic access control through Petri net workflows [ C]//Proc of the 16th Annual Computer Security Applications Conference. New York : IEEE Computer Society,2000 : 159-167.
4KNORR K. Multilevel security and information flow in Petri net workflows[ C]//Proc of the 9th International Conference on Telecommunication Systems-Modeling and Analysis, Special Session on Security Aspects of Telecommunication Systems. 2001:9-20.
5JIANG Yi-xin, LIN Chuang, YIN Hao, et al. Security analysis of mandatory access control model [ C ]//Proc of IEEE International Conference on Systems, Man and Cybernetics. New York: Institute of Electrical and Electronics Engineers Ine, 2004: 5013-5018.
6ZHANG N, RYAN M, GUELEV D P. Evaluating access control policies through model checking[ C]//Proc of the 8th Information Security Conference. Berlin : Springer-Verlag,2005:446- 460.
7SCHAAD A, LOTZ V, SOHR K. A model checking approach to analysis organizational controls[ C]//Proc of the 11 th ACM Symposium on Access Control Models and Technologies. New York: Associa- tion for Computing Machinery,2006 : 139-149.
8SCHAAD A, MOFFETT J. A lightweight approach to specification and analysis of role-based access control extensions [ C]//Proc of ACM Symposium on Access Control Models and Technologies. New York: Association for Computing Machinery, 2002: 13-22.

同被引文献17

1苏开乐,骆翔宇,吕关锋.符号化模型检测CTL[J].计算机学报,2005,28(11):1798-1806. 被引量：24
2周伟平,陆松年.RBAC访问控制研究[J].计算机安全,2007(2):11-13. 被引量：4
3Unal D,Caglayan M U.A formal role-based access controlmodel for security policies in multi-domain mobilenetworks[J].Computer Networks,2013,57(1).
4Mirabadi A,Yazdi M B.Automatic generation and verificationof railway interlocking control tables usingFSM and NuSmv[J].International Journal for Engineering Modelling,2008,21(1/4).
5Obiedkov S,Kourie D G,Eloff J H P.Building accesscontrol models with attribute exploration[J].Computerand Security,2009,28(1/2).
6Moonzoo K,Yunho K,Hotae K.A comparative study ofsoftware model checkers as unit testing tools:an industrialcase study[J].IEEE Transactions on Software Engineering,2011,37(2).
7Youngjoo K,Okjoo C,Moonzoo K,et al.Validating softwarereliability early through statistical model checking[J].IEEE Software,2013,30(3).
8Henriques D,Martins J G,Zuliani P,et al.Statistical modelchecking for Markov decision processes[C].2012 NinthInternational Conference on Quantitative Evaluation ofSystems(QEST),2012:84-93.
9Hu V C,Kuhn R,Xie Tao,et al.Model checking for verificationof mandatory access control models and properties[J].International Journal of Software Engineering andKnowledge Engineering,2011,21(1).
10Han J,Susilo W,Mu Y,et al.Attribute based obliviousaccess control[J].The Computer Journal,2013,55(10).

引证文献3

1曾峰,孙同东.网络安全中访问控制技术的研究[J].福建电脑,2011,27(8):58-59.
2刘静远.浅析电气自动化中网络访问的控制技术[J].科技资讯,2012,10(3):29-29. 被引量：1
3吕江华,刘志锋,徐亚涛,周从华.基于属性的访问控制策略的正确性验证[J].计算机工程与应用,2016,52(18):98-103.

二级引证文献1

1陈祥.电气自动化控制中的人工智能分析[J].河北农机,2015,0(4):51-52.

1程晓荣,冯志伟.基于状态机模型的网络安全策略验证方法研究[J].计算机工程与设计,2014,35(1):37-41. 被引量：3
2张京楣,曾广周,韩芳溪.面向目标的迁移工作流迁移路径的寻址与优化[J].计算机应用研究,2008,25(9):2623-2624.
3马恒太,刘小霞,朱登科.天基综合信息系统安全策略设计与验证技术研究[J].中国电子科学研究院学报,2015,10(5):468-473.
4李东,汪定伟.基于仿真的优化方法综述[J].控制工程,2008,15(6):672-677. 被引量：22
5包义保,殷丽华,方滨兴,郭莉.基于良基语义的安全策略表达与验证方法[J].软件学报,2012,23(4):912-927. 被引量：6
6魏定国,吴时霖.基于Petri网的RBAC策略验证的研究[J].小型微型计算机系统,2004,25(5):827-832. 被引量：5
7唐成华,余顺争.基于特征的网络安全策略验证[J].计算机研究与发展,2009,46(11):1854-1861. 被引量：5
8王亚楠,吴华瑞,黄锋.高并发Web应用系统的性能优化分析与研究[J].计算机工程与设计,2014,35(8):2976-2980. 被引量：32
9宋丽华,陈鸣.策略网管研究中的若干问题[J].解放军理工大学学报（自然科学版）,2002,3(6):26-30.
10李鼎,周保群,赵彬.利用逻辑编程方法进行形式化的网络安全策略验证[J].计算机应用与软件,2010,27(5):78-82.

计算机应用研究

2010年第2期

浏览历史

内容加载中请稍等...

基于模型检测的工作流访问控制策略验证被引量：3

参考文献8

同被引文献17

引证文献3

二级引证文献1

相关作者

相关机构

相关主题

浏览历史

基于模型检测的工作流访问控制策略验证 被引量：3

参考文献8

同被引文献17

引证文献3

二级引证文献1

相关作者

相关机构

相关主题

浏览历史

基于模型检测的工作流访问控制策略验证被引量：3