Conference papers

Formal development of a secure access control filter

Abstract : With the advent of the internet, most organizations offer more and more access to their information systems in order to increase their benefits. However, such an opening may cause security issues if sufficient precautions are not taken. An adequate solution to secure access to information systems consists of (1) defining sufficient security policies and (2) ensuring their correct deployment on a given technological infrastructure. The present paper deals with the first point by introducing a formal approach that makes it possible to develop a secure filter for an information system that respects different kinds of security rules: functional, static and dynamic rules. The proposed approach uses the SecureUML language to express the static rules and adapts UML activity diagrams for the dynamic ones, while the structure of the manipulated data and the functionalities are expressed using a UML class diagram. Starting from these graphical notations, the approach consists of mapping them into a B formal specification to ensure their consistency and validate the system. Finally, a proved filter, which takes the different security rules into account, is formally derived using the B refinement technique.
Document type : Conference papers

Contributor : Médiathèque Télécom Sudparis & Institut Mines-Télécom Business School
Submitted on : Tuesday, April 5, 2016 - 2:58:49 PM
Last modification on : Wednesday, November 3, 2021 - 9:22:44 AM



Amel Mammar, Thi Mai Nguyen, Régine Laleau. Formal development of a secure access control filter. HASE 2016 : 17th International Symposium on High-Assurance Systems Engineering, Jan 2016, Orlando, Florida, United States. pp.173 - 180, ⟨10.1109/HASE.2016.10⟩. ⟨hal-01298113⟩


