Skip to main content
Springer Nature Link
Log in

Abductive Analysis of Administrative Policies in Rule-Based Access Control

  • Conference paper
Information Systems Security (ICISS 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7093))

Included in the following conference series:

  • 926 Accesses

Abstract

In large organizations, the access control policy is managed by multiple users (administrators). An administrative policy specifies how each user may change the policy. The consequences of an administrative policy are often non-obvious, because sequences of changes by different users may interact in unexpected ways. Administrative policy analysis helps by answering questions such as user-permission reachability, which asks whether specified users can together change the policy in a way that achieves a specified goal, namely, granting a specified permission to a specified user.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Becker, M.Y.: Specification and analysis of dynamic authorisation policies. In: Proc. 22nd IEEE Computer Security Foundations Symposium (CSF), pp. 203–217 (2009)

    Google Scholar 

  2. Becker, M.Y., Nanz, S.: The Role of Abduction in Declarative Authorization Policies. In: Hudak, P., Warren, D.S. (eds.) PADL 2008. LNCS, vol. 4902, pp. 84–99. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  3. Becker, M.Y., Nanz, S.: A logic for state-modifying authorization policies. ACM Transactions on Information and System Security 13(3) (2010)

    Google Scholar 

  4. Jha, S., Li, N., Tripunitara, M., Wang, Q., Winsborough, W.: Towards formal verification of role-based access control policies. IEEE Transactions on Dependable and Secure Computing 5(4), 242–255 (2008)

    Article  Google Scholar 

  5. Li, N., Tripunitara, M.V.: Security analysis in role-based access control. ACM Transactions on Information and System Security 9(4), 391–420 (2006)

    Article  Google Scholar 

  6. Sandhu, R., Bhamidipati, V., Munawer, Q.: The ARBAC97 model for role-based administration of roles. ACM Transactions on Information and Systems Security 2(1), 105–135 (1999)

    Article  Google Scholar 

  7. Stoller, S.D., Yang, P., Gofman, M., Ramakrishnan, C.R.: Symbolic reachability analysis for parameterized administrative role based access control. Computers & Security 30(2-3), 148–164 (2011)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Stony Brook University, USA

    Puneet Gupta, Scott D. Stoller & Zhongyuan Xu

Authors
  1. Puneet Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Scott D. Stoller
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zhongyuan Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, 4400 University Drive, 22030-4422, Fairfax, VA, USA

    Sushil Jajodia

  2. Center for Distributed Computing, Jadavpur University, 7000032, Kolkata, India

    Chandan Mazumdar

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gupta, P., Stoller, S.D., Xu, Z. (2011). Abductive Analysis of Administrative Policies in Rule-Based Access Control. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2011. Lecture Notes in Computer Science, vol 7093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25560-1_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-25560-1_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25559-5

  • Online ISBN: 978-3-642-25560-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics