English

Event Systems and Access Control

Logic in Computer Science 2016-08-16 v1 Cryptography and Security

Abstract

We consider the interpretations of notions of access control (permissions, interdictions, obligations, and user rights) as run-time properties of information systems specified as event systems with fairness. We give proof rules for verifying that an access control policy is enforced in a system, and consider preservation of access control by refinement of event systems. In particular, refinement of user rights is non-trivial; we propose to combine low-level user rights and system obligations to implement high-level user rights.

Keywords

Cite

@article{arxiv.cs/0604081,
  title  = {Event Systems and Access Control},
  author = {Dominique Méry and Stephan Merz},
  journal= {arXiv preprint arXiv:cs/0604081},
  year   = {2016}
}