JUCS - Journal of Universal Computer Science 13(8): 1073-1093, doi: 10.3217/jucs-013-08-1073
Specification and Refinement of Access Control
Dominique Méry‡, Stephan Merz§‡ Nancy University & LORIA, Nancy, France§ INRIA Nancy & LORIA, Nancy, France
Corresponding author: Dominique Méry ( dominique.mery@loria.fr ) © Dominique Méry, Stephan Merz. This article is freely available under the J.UCS Open Content License. Citation:
Méry D, Merz S (2007) Specification and Refinement of Access Control. JUCS - Journal of Universal Computer Science 13(8): 1073-1093. https://doi.org/10.3217/jucs-013-08-1073 |  |
Abstract
We consider the extension of fair event system specifications by concepts of access control (prohibitions, user rights, and obligations). We give proof rules for verifying that an access control policy is correctly implemented in a system, and consider preservation of access control by refinement of event systems. Prohibitions and obligations are expressed as properties of traces and are preserved by standard refinement notions of event systems. Preservation of user rights is not guaranteed by construction; we propose to combine implementation-level user rights and obligations to implement high-level user rights.
Keywords
access control, event systems, refinement