Combining UML, ASTD and B for the formal specification of an access control filter

Jeremy Milhau 1, 2, * Akram Idani 3 Régine Laleau 1 Mohamed-Amine Labiadh 4 Yves Ledru 3 M. Frappier 2
* Auteur correspondant
1 LACL - Laboratoire d'Algorithmique Complexité et Logique
2 Département d'informatique / Computer Science Departement [Sherbrooke]
3 VASCO
LIG - Laboratoire d'Informatique de Grenoble
4 LIG - Laboratoire d'Informatique de Grenoble
Abstract : Combination of formal and semi-formal methods is more and more required to produce specifications that can be, on the one hand, understood and thus validated by both designers and users and, on the other hand, precise enough to be verified by formal methods. This motivates our aim to use these complementary paradigms in order to deal with security aspects of information systems. This paper presents a methodology to specify access control policies starting with a set of graphical diagrams: UML for the functional model, SecureUML for static access control and ASTD for dynamic access control. These diagrams are then translated into a set of B machines. Finally, we present the formal specification of an access control filter that coordinates the different kinds of access control rules and the specification of functional operations. The goal of such B specifications is to rigorously check the access control policy of an information system taking advantage of tools from the B method.
Keywords : ASTD Access control policy SecureUML
Type de document :
Article dans une revue
Innovations in Systems and Software Engineering, Springer Verlag, 2011, 7 (4), pp.303-313. 〈10.1007/s11334-011-0166-z〉
Liste complète des métadonnées
https://hal.archives-ouvertes.fr/hal-00860798
Contributeur : Akram Idani <>
Soumis le : mercredi 11 septembre 2013 - 11:13:09
Dernière modification le : jeudi 11 octobre 2018 - 08:48:04

Lien texte intégral

istex

Identifiants

Collections

LACL | LIG | LIG_GLSI | LIG_GLSI_VASCO | UGA | UPEC-UPEM | LIG_SRCPR

Citation

Jeremy Milhau, Akram Idani, Régine Laleau, Mohamed-Amine Labiadh, Yves Ledru, et al.. Combining UML, ASTD and B for the formal specification of an access control filter. Innovations in Systems and Software Engineering, Springer Verlag, 2011, 7 (4), pp.303-313. 〈10.1007/s11334-011-0166-z〉. 〈hal-00860798〉

Exporter

BibTeX TEI DC DCterms EndNote

Partager

Métriques

Consultations de la notice

268

Contact

support.ccsd.cnrs.fr
hal.support@ccsd.cnrs.fr
Logo CCSD