
Specification and Verification Using Alloy of Optimistic Access Control for Distributed Collaborative Editors

  • Conference paper
Formal Methods for Industrial Critical Systems (FMICS 2013)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 8187)


Abstract

Distributed Collaborative Editors are interactive systems in which several geographically dispersed users concurrently edit shared documents. Generally, these systems rely on data replication and use a safe coordination protocol that ensures data consistency even though the users' updates are executed in different orders on different copies. Controlling access in such systems is a challenging problem, as they need dynamic access changes and low-latency access to shared documents. In [1], a flexible access control protocol is proposed; it is based on replicating the shared document and its authorization policy in the local memory of each user. To deal with latency and dynamic access changes, an optimistic access control technique is used, in which enforcement of authorizations is retroactive. However, verifying whether the combination of the access control and coordination protocols preserves data consistency is a hard task, since it requires examining a large number of situations. In this paper, we specify this access control protocol in first-order relational logic with Alloy, and we verify that it preserves the correctness of the system on which it is deployed, in the sense that the access control policy is enforced identically at all participating user sites and, accordingly, data consistency is still maintained.

This work is supported by grant number 138732 awarded by the Fonds de Recherche du Québec - Nature et Technologies (FQRNT-Équipe).


References

  1. Imine, A., Cherif, A., Rusinowitch, M.: A Flexible Access Control Model for Distributed Collaborative Editors. In: Jonker, W., Petković, M. (eds.) SDM 2009. LNCS, vol. 5776, pp. 89–106. Springer, Heidelberg (2009)

  2. Ellis, C.A., Gibbs, S.J.: Concurrency Control in Groupware Systems. In: SIGMOD Conference, vol. 18, pp. 399–407 (1989)

  3. Sun, C., Jia, X., Zhang, Y., Yang, Y., Chen, D.: Achieving Convergence, Causality-preservation and Intention-preservation. In: Real-time Cooperative Editing Systems, pp. 63–108. ACM, New York (1998)

  4. Sun, C., Xia, S., Sun, D., Chen, D., Shen, H., Cai, W.: Transparent Adaptation of Single-user Applications for Multi-user Real-time Collaboration. ACM Trans. Comput.-Hum. Interact. 13(4), 531–582 (2006)

  5. Tolone, W., Ahn, G.J., Pai, T., Hong, S.P.: Access Control in Collaborative Systems. ACM Comput. Surv. 37(1), 29–41 (2005)

  6. Povey, D.: Optimistic Security: A New Access Control Paradigm. In: Proceedings of the 1999 Workshop on New Security Paradigms, NSPW 1999, pp. 40–45. ACM, New York (2000)

  7. Holzmann, G.J.: The Spin Model Checker: Primer and Reference Manual. Addison-Wesley (2004)

  8. Cimatti, A., Clarke, E., Giunchiglia, F., Roveri, M.: NuSMV: A New Symbolic Model Checker. International Journal on Software Tools for Technology Transfer 2(4), 410–425 (2000)

  9. Schaeffer-Filho, A., Lupu, E., Sloman, M., Eisenbach, S.: Verification of Policy-Based Self-Managed Cell Interactions Using Alloy. In: IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009, pp. 37–40 (2009)

  10. Frappier, M., Fraikin, B., Chossart, R., Chane-Yack-Fa, R., Ouenzar, M.: Comparison of Model Checking Tools for Information Systems. In: Dong, J.S., Zhu, H. (eds.) ICFEM 2010. LNCS, vol. 6447, pp. 581–596. Springer, Heidelberg (2010)

  11. MIT Software Design Group: Alloy: A Language and Tool for Relational Models, http://alloy.mit.edu/alloy/ (accessed May 5, 2013)

  12. Woodcock, J., Davies, J.: Using Z: Specification, Refinement, and Proof. Prentice Hall (1996)

  13. Carnegie Mellon University: The SMV System, http://www.cs.cmu.edu/~modelcheck/smv.html (accessed May 5, 2013)

  14. Jackson, D.: Software Abstractions: Logic, Language, and Analysis. The MIT Press (2006)

  15. Pai, S., Sharma, Y., Kumar, S., Pai, R.M., Singh, S.: Formal Verification of OAuth 2.0 Using Alloy Framework. In: 2011 International Conference on Communication Systems and Network Technologies (CSNT), pp. 655–659 (2011)

  16. Le Berre, D., Parrain, A.: The Sat4j Library, Release 2.2. Journal on Satisfiability, Boolean Modeling and Computation 7, 59–64 (2010), system description

  17. Boolean Satisfiability Research Group at Princeton: zChaff, http://www.princeton.edu/~chaff/zchaff.html (accessed May 5, 2013)

  18. Eén, N., Sörensson, N.: MiniSat, The MiniSat Page, http://minisat.se/ (accessed May 5, 2013)

  19. Torlak, E., Dennis, G.: Kodkod for Alloy Users. In: First ACM Alloy Workshop (2006)

  20. Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. Computer 29(2), 38–47 (1996)

  21. Joshi, J.B.D., Bhatti, R., Bertino, E., Ghafoor, A.: Access-Control Language for Multidomain Environments. IEEE Internet Computing 8(6), 40–50 (2004)

  22. Piromruen, S., Joshi, J.B.D.: An RBAC Framework for Time Constrained Secure Interoperation in Multi-Domain Environments. In: 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems, WORDS 2005, pp. 36–45 (2005)

  23. Lee, H.K., Luedemann, H.: Lightweight Decentralized Authorization Model for Inter-Domain Collaborations. In: Proceedings of the 2007 ACM Workshop on Secure Web Services, SWS 2007, pp. 83–89. ACM, New York (2007)

  24. Samarati, P., Ammann, P., Jajodia, S.: Maintaining Replicated Authorizations in Distributed Database Systems. Data & Knowledge Engineering 18(1), 55–84 (1996)

  25. Xin, T., Ray, I.: A Lattice-Based Approach for Updating Access Control Policies in Real-time. Inf. Syst. 32(5), 755–772 (2007)

  26. Hu, H., Ahn, G.: Enabling Verification and Conformance Testing for Access Control Model. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, SACMAT 2008, pp. 195–204. ACM, New York (2008)

  27. Samuel, A., Ghafoor, A., Bertino, E.: A Framework for Specification and Verification of Generalized Spatio-Temporal Role Based Access Control Model. Technical report, Purdue University (2007)

  28. Toahchoodee, M., Ray, I., Anastasakis, K., Georg, G., Bordbar, B.: Ensuring Spatio-temporal Access Control for Real-world Applications. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT 2009, pp. 13–22. ACM, New York (2009)


Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

Cite this paper

Randolph, A., Imine, A., Boucheneb, H., Quintero, A. (2013). Specification and Verification Using Alloy of Optimistic Access Control for Distributed Collaborative Editors. In: Pecheur, C., Dierkes, M. (eds) Formal Methods for Industrial Critical Systems. FMICS 2013. Lecture Notes in Computer Science, vol 8187. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41010-9_13

  • DOI: https://doi.org/10.1007/978-3-642-41010-9_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41009-3

  • Online ISBN: 978-3-642-41010-9
