The Open UniversitySkip to content
 

Run-time generation, transformation, and verification of access control models for self-protection

Bailey, Christopher; Montrieux, Lionel; de Lemos, Rogério; Yu, Yijun and Wermelinger, Michel (2014). Run-time generation, transformation, and verification of access control models for self-protection. In: SEAMS 2014 Proceedings of the 9th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, ACM, pp. 135–144.

Full text available as:
[img]
Preview
PDF (Accepted Manuscript) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (916kB) | Preview
DOI (Digital Object Identifier) Link: https://doi.org/10.1145/2593929.2593945
Google Scholar: Look up in Google Scholar

Abstract

Self-adaptive access control, in which self-* properties are applied to protecting systems, is a promising solution for the handling of malicious user behaviour in complex infrastructures. A major challenge in self-adaptive access control is ensuring that chosen adaptations are valid, and produce a satisfiable model of access. The contribution of this paper is the generation, transformation and verification of Role Based Access Control (RBAC) models at run-time, as a means for providing assurances that the adaptations to be deployed are valid. The goal is to protect the system against insider threats by adapting at run-time the access control policies associated with system resources, and access rights assigned to users. Depending on the type of attack, and based on the models from the target system and its environment, the adapted access control models need to be evaluated against the RBAC metamodel, and the adaptation constraints related to the application. The feasibility of the proposed approach has been demonstrated in the context of a fully working prototype using malicious scenarios inspired by a well documented case of insider attack.

Item Type: Conference or Workshop Item
Copyright Holders: 2014 ACM
ISBN: 1-4503-2864-4, 978-1-4503-2864-7
Keywords: security; verification
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Interdisciplinary Research Centre: Centre for Policing Research and Learning (CPRL)
Centre for Research in Computing (CRC)
Related URLs:
Item ID: 39748
Depositing User: Lionel Montrieux
Date Deposited: 20 Mar 2014 13:18
Last Modified: 23 Jan 2017 12:01
URI: http://oro.open.ac.uk/id/eprint/39748
Share this page:

Altmetrics

Scopus Citations

Download history for this item

These details should be considered as only a guide to the number of downloads performed manually. Algorithmic methods have been applied in an attempt to remove automated downloads from the displayed statistics but no guarantee can be made as to the accuracy of the figures.

▼ Automated document suggestions from open access sources

Actions (login may be required)

Policies | Disclaimer

© The Open University   + 44 (0)870 333 4340   general-enquiries@open.ac.uk