Journal articles

A Design by Contract Approach to Verify Access Control Policies

Abstract : In the security domain, access control consists in specifying who can access what and how, using four well-known concepts: permissions, prohibitions, obligations and separation of duty. The ACA language follows these traits and proposes a novel management of security parameters, with the ability to distinguish policies for a user, a role or an organization inside the secured action. All these concepts are closely related to the design-by-contract domain, which allows us to introduce a method that transforms access control policies into classical contracts (invariants, pre/post-conditions). With this transformation, the usual techniques of model checking can be applied to verify access control policies. In our approach, we use the Tamago platform for describing, analyzing and simulating the obtained contracts. Security scenarios can also be generated to test an access control policy. The Tamago platform can moreover be used to test the functional part of the system, in addition to access control verification.
Contributor : Hakim Belhaouari
Submitted on : Wednesday, February 20, 2013 - 7:00:03 AM
Last modification on : Wednesday, December 22, 2021 - 11:58:05 AM
Long-term archiving on : Friday, March 31, 2017 - 11:51:39 AM
Hakim Belhaouari, Pierre Konopacki, Régine Laleau, Marc Frappier. A Design by Contract Approach to Verify Access Control Policies. IEEE Computer Society, 2012, pp.263-272. ⟨10.1109/ICECCS.2012.4⟩. ⟨hal-00724267⟩