By Topic

A Light-Weight Formal Approach for Modeling, Verifying and Integrating Role-Based Access Control Requirements

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Zafar, S. ; Riphah Int. Univ., Pakistan

As the complexity of access control requirements is increasing to protect valuable organizational data the value of correct specification and integration of access rights into the system specification has also increased. Role-based access control (RBAC) facilitates specification of access control requirements in a flexible manner. However, various available models do not always support effective integration of the requirements into rest of the system specification. Furthermore, automated verification of RBAC model poses the challenge of state-explosion. In this paper we propose a light-weight formal method for model-checking of RBAC specification. We use BT-RBAC model to specify access control requirements. The model is based on a graphical notation with formal semantics and supports a requirements translation process, strong traceability of requirements, and uses a single notation to support effective integration of the model. The automated translation into SAL specification input language is used to formally verify the correctness of the model.

Published in:

Software Engineering Conference, 2009. APSEC '09. Asia-Pacific

Date of Conference:

1-3 Dec. 2009