Sciweavers

Share
ICECCS
2005
IEEE

Model-Based Design and Analysis of Permission-Based Security

12 years 1 months ago
Model-Based Design and Analysis of Permission-Based Security
To guarantee the security of computer systems, it is necessary to define security permissions to restrict the access to the systems’ resources. These permissions rely on certain restrictions based on the workflows the system is designed for. It is not always easy to see if workflows and the design of the security permissions for the system fit together. We address this problem using an approach which embeds security permissions in UML models and supports modelbased security analysis by providing consistency checks. The presented formal framework also prepares the ground for an automated analysis of underlying protocols for managing security-critical permissions, for example with the help of first-order logic theorem proving. We explain how the models can be securely implemented in a language such as Java.
Jan Jürjens, Markus Lehrhuber, Guido Wimmel
Added 24 Jun 2010
Updated 24 Jun 2010
Type Conference
Year 2005
Where ICECCS
Authors Jan Jürjens, Markus Lehrhuber, Guido Wimmel
Comments (0)
books