Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Verification of Resilience Policies that Assist Attribute Based Access Control

Published

Author(s)

Chung Tong Hu, Antonios Gouglidis, Jeremy Busby, David Hutchison

Abstract

Access control offers mechanisms to control and limit the actions or operations that are performed by a user on a set of resources in a system. Many access control models exist that are able to support this basic requirement. One of the properties examined in the context of these models is their ability to successfully restrict access to resources. Nevertheless, considering only restriction of access may not be enough in some environments, as in critical infrastructures. The protection of systems in this type of environment requires a new line of enquiry. It is essential to ensure that appropriate access is always possible, even when users and resources are subjected to challenges of various sorts. Resilience in access control is conceived as the ability of a system not to restrict but rather to ensure access to resources. In order to demonstrate the application of resilience in access control, we formally define an attribute based access control model (ABAC) based on guidelines provided by the National Institute of Standards and Technology (NIST). We examine how ABAC based resilience policies can be specified in temporal logic and how these can be formally verified. The verification of resilience is done using an automated model checking technique, which eventually may lead to reducing the overall complexity required for the verification of resilience policies and serve as a valuable tool for administrators.
Proceedings Title
2nd Workshop on Attribute Based Access Control (ABAC 2017)
Conference Dates
March 24, 2017
Conference Location
Scottsdale, AZ

Keywords

ABAC, Access Control, authorization, Attribute based access control, resilience

Citation

, C. , Gouglidis, A. , Busby, J. and Hutchison, D. (2017), Verification of Resilience Policies that Assist Attribute Based Access Control, 2nd Workshop on Attribute Based Access Control (ABAC 2017), Scottsdale, AZ, [online], https://doi.org/10.1145/3041048.3041049 (Accessed December 4, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created March 24, 2017, Updated November 10, 2018