| 基于模型检测的URA—SAP安全性验证 |
| |
| 引用本文: | 邹林,潘理. 基于模型检测的URA—SAP安全性验证[J]. 信息安全与通信保密, 2010, 0(6): 71-73,81 |
| |
| 作者姓名: | 邹林 潘理 |
| |
| 作者单位: | 上海交通大学电子信息与电气工程学院,上海,200240;上海市信息安全综合管理技术研究重点实验室,上海,200240 |
| |
| 基金项目: | 国家自然科学基金,国家高技术研究发展计划(863计划) |
| |
| 摘 要: | 在RBAC访问控制系统的安全性分析问题(RBAC—SAP)中,用户-角色分配相关的安全性分析问题(URA—SAP)是其中最重要的一个子问题,即用户-角色分配关系的变化对系统安全性的影响问题。提出了一种将URA—SAP转化为模型检测问题的自动化验证算法,实验表明采用该算法并结合现有的模型检测工具可以有效地解决URA—SAP问题。
|
| 关 键 词: | 安全分析 模型检测 SAP问题 |
URA-SAP Security Verification Based on Model Checking for RBAC Access Control Systems |
| |
| ZOU Lin,PAN Li. URA-SAP Security Verification Based on Model Checking for RBAC Access Control Systems[J]. China Information Security, 2010, 0(6): 71-73,81 |
| |
| Authors: | ZOU Lin PAN Li |
| |
| Affiliation: | 1School of Electronic Information and Electric Engineering, Shanghai Jiaotong University, Shanghai 200240, China; 2Shanghai Key Laboratory of Integrated Information Security Management Technique, Shanghai 200240, China) |
| |
| Abstract: | User-role assignment security analysis is the most important thing in security analysis of in RBAC access control systems, that is to say, the changes of user-role assignment have notable impact on the system security. Based on the definition and computational complexity of this problem, an automatic verification algorithm, which translates URA-SAP into model checking problem, is proposed in this paper. Experiment indicates that this algorithm, in combination with the existing model checking tool, could effectively solve the problem of URA-SAP security verification. |
| |
| Keywords: | security analysis model checking SAP |
| 本文献已被 维普 万方数据 等数据库收录! |
|
