A Model Checking Based Approach for Verification of Attribute-Based Access Control Policies in Cloud Infrastructures

被引:0
|
作者
Kotenko, Igor [1 ,2 ]
Saenko, Igor [1 ,2 ]
Levshun, Dmitry [1 ,2 ]
机构
[1] Russian Acad Sci SPIIRAS, St Petersburg Inst Informat & Automat, 14 Th Liniya,39, St Petersburg 199178, Russia
[2] St Petersburg Natl Res Univ Informat Technol Mech, ITMO Univ, 49 Kronverkskiy Prospekt, St Petersburg 197101, Russia
来源
PROCEEDINGS OF THE FOURTH INTERNATIONAL SCIENTIFIC CONFERENCE INTELLIGENT INFORMATION TECHNOLOGIES FOR INDUSTRY (IITI'19) | 2020年 / 1156卷
关键词
Access control; Model checking; Temporal logics; ABAC; Cloud infrastructure;
D O I
10.1007/978-3-030-50097-9_17
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Attribute-Based Access Control (ABAC) model is a perspective access control model for cloud infrastructures used for automation of industrial, transport and energy systems as they include large number of users, resources and dynamical changed permissions. The paper considers the features of ABAC model and the theoretical background for verification of the ABAC policies based on the model checking. The possibility of applying the model checking is justified on the example of the ABAC policy. Implementation of the proposed approach was made using the UPPAAL verification tool. Experimental assessment shows high acceptability of the model checking not only for finding anomalies in ABAC policies but for finding decisions to eliminate them.
引用
收藏
页码:165 / 175
页数:11
相关论文
共 50 条
  • [41] Attribute-Based Access Control Scheme with Efficient Revocation in Cloud Computing
    Zhihua Xia
    Liangao Zhang
    Dandan Liu
    中国通信, 2016, 13 (07) : 92 - 99
  • [42] Attribute-Based Oblivious Access Control
    Han, Jinguang
    Susilo, Willy
    Mu, Yi
    Yan, Jun
    COMPUTER JOURNAL, 2012, 55 (10): : 1202 - 1215
  • [43] Access control scheme based on blockchain and attribute-based searchable encryption in cloud environment
    Yan, Liang
    Ge, Lina
    Wang, Zhe
    Zhang, Guifen
    Xu, Jingya
    Hu, Zheng
    JOURNAL OF CLOUD COMPUTING-ADVANCES SYSTEMS AND APPLICATIONS, 2023, 12 (01):
  • [44] Access control scheme based on blockchain and attribute-based searchable encryption in cloud environment
    Liang Yan
    Lina Ge
    Zhe Wang
    Guifen Zhang
    Jingya Xu
    Zheng Hu
    Journal of Cloud Computing, 12
  • [45] Cloud Storage Data Access Control Scheme Based on Blockchain and Attribute-Based Encryption
    Yang, Xiaodong
    Chen, Aijia
    Wang, Zhisong
    Li, Shudong
    SECURITY AND COMMUNICATION NETWORKS, 2022, 2022
  • [46] Using Attribute-Based Access Control, Efficient Data Access in the Cloud with Authorized Search
    Saraswathy, K. S.
    Sujatha, S. S.
    INTERNATIONAL JOURNAL OF ELECTRICAL AND COMPUTER ENGINEERING SYSTEMS, 2022, 13 (07) : 569 - 575
  • [47] A Correct-by-Construction Model for Attribute-Based Access Control
    Gadouche, Hania
    Farah, Zoubeyr
    Tari, Abdelkamel
    MODEL AND DATA ENGINEERING, MEDI 2018, 2018, 11163 : 233 - 247
  • [48] Efficient and Secure Attribute-Based Access Control With Identical Sub-Policies Frequently Used in Cloud Storage
    Xue, Kaiping
    Gai, Na
    Hong, Jianan
    Wei, David S. L.
    Hong, Peilin
    Yu, Nenghai
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2022, 19 (01) : 635 - 646
  • [49] Securing cloud access with enhanced attribute-based cryptography
    Kumar, Ashutosh
    Verma, Garima
    COMPUTING, 2024, 106 (12) : 4193 - 4207
  • [50] Improving Reuse of Attribute-Based Access Control Policies Using Policy Templates
    Decat, Maarten
    Moeys, Jasper
    Lagaisse, Bert
    Joosen, Wouter
    ENGINEERING SECURE SOFTWARE AND SYSTEMS (ESSOS 2015), 2015, 8978 : 196 - 210
12345