Abstract
When we write access-control description of the Web Applications using the group and the role, there is a problem that it is difficult for a user to decide the joint ownership partner of data. Therefore, there are the trials for describing access-control using social networks. However, unexpected defects might sneak in this description if it is marked in a careless manner. In this paper, we propose the formal definition of the access-control description consist of the first-order predicate logic for the automatic checking.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
eXtensible Access Control Markup Language, http://www.oasis-open.org/committees/xacml/repository/cs-xacml-core-01.doc
Ferraiolo, D., Kuhn, D., Chandramouli, R.: Role-Based Access Control, 2nd edn. Artech House (2007)
Friend of a Friend, http://xmlns.com/foaf/spec/
Goecks, J., Mynatt, E.: Leveraging Social Networks for Information Sharing. In: Proc. Workshop on Social Networks, CSCW 2004 (2004)
Jackson, D.: Software Abstractions: Logic, Language, And Analysis. MIT Press, Cambridge (2006)
Maruoka, M., Nemati, G., Barolli, V., Enokido, T.: Role-based Access Control in Peer-to-Peer (P2P) Societies. In: Proc. 22nd International Conference on Advanced Information Networking and Applications - Workshops, pp. 495–500 (2008)
Role-Based Access Control, ANSI INCITS 359-2004, American National Standard for Information Technology (2004)
Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)
Zao, J., Wee, H., Chu, J., Jackson, D.: RBAC Schema Verification Using Lightweight Formal Model and Constraint Analysis. MIT, Cambridge (2002)
Junichiro, M., Yutaka, M., Tatsuhiko, S., Mitsuru, I.: Real-world oriented Information Sharing System. In: The 19th Annual Conference of the Japanese Society for Artificial Intelligence (2005) (in Japanese)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sakai, A., Hori, Y., Sakurai, K. (2009). Formal Verification for Access Control in Web Information Sharing System. In: Park, J.H., Chen, HH., Atiquzzaman, M., Lee, C., Kim, Th., Yeo, SS. (eds) Advances in Information Security and Assurance. ISA 2009. Lecture Notes in Computer Science, vol 5576. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02617-1_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-02617-1_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02616-4
Online ISBN: 978-3-642-02617-1
eBook Packages: Computer ScienceComputer Science (R0)