MPI-INF Logo
Campus Event Calendar

Event Entry

New for: D2, D3

What and Who

Efficient Symbolic Automated Analysis of Administrative Attribute-based RBAC-Policies

Silvio Ranise
Fondazione Bruno Kessler
Talk
AG 1, AG 2, AG 3, AG 4, AG 5, SWS, RG1, MMCI  
Public Audience
English

Date, Time and Location

Thursday, 28 April 2011
14:00
60 Minutes
E1 4
019
Saarbrücken

Abstract

Automated techniques for the security analysis of Role- Based Access Control (RBAC)

access control policies are crucial for their design and maintenance. The definition
of administrative domains by means of attributes attached to users makes the RBAC model
easier to use in real scenarios but complicates the development of security analysis
tech- niques, that should be able to modularly reason about a wide range of attribute
domains. In this talk, we describe an automated symbolic security analysis technique
for administrative attribute-based RBAC policies. A class of formulae of first-order
logic is used as an adequate symbolic representation for the policies and their
administrative actions. State-of-the-art automated theorem proving techniques are used
(off-the-shelf) to mechanize the security analysis procedure. Besides discussing the
assumptions for the effectiveness and termination of the procedure, we demonstrate its
efficiency through an extensive empirical evaluation.

Contact

Jennifer Müller
2900
--email hidden
passcode not visible
logged in users only

Jennifer Müller, 04/27/2011 11:26
Jennifer Müller, 04/19/2011 12:42 -- Created document.