Skip to Main content Skip to Navigation
Conference papers

Automated Detection of Information Leakage in Access Control

Anderson Santana de Oliveira 1 Charles Morisset 2
1 PROTHEO - Constraints, automatic deduction and software properties proofs
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
2 SPI - Sémantiques, preuves et implantation
LIP6 - Laboratoire d'Informatique de Paris 6
Abstract : The prevention of information flow is an important concern in several access control models. Even though this property is stated in the model specification, it is not easy to verify it in the actual implementation of a given security policy. In this paper we model-check rewrite-based implementations of access control policies. We propose a general algorithm that allows one to automatically identify information leakage. We apply our approach to the well-known security model of Bell and LaPadula and show that its generalization proposed by McLean does not protect a system against information leakage.
Document type :
Conference papers
Complete list of metadata
Contributor : Anderson Santana de Oliveira Connect in order to contact the contributor
Submitted on : Tuesday, November 6, 2007 - 6:45:13 PM
Last modification on : Friday, February 26, 2021 - 3:28:06 PM


  • HAL Id : inria-00185713, version 1


Anderson Santana de Oliveira, Charles Morisset. Automated Detection of Information Leakage in Access Control. Second International Workshop on Security and Rewriting Techniques - SecReT 2007, Jun 2007, Paris, France. ⟨inria-00185713⟩



Record views