Stale-Safe Security Properties for Group-Based Secure Information Sharing

dc.contributor.author: Krishnan, Ram
dc.contributor.author: Niu, Jianwei
dc.contributor.author: Sandhu, Ravi
dc.contributor.author: Winsborough, William H.
dc.date.accessioned: 2023-10-24T16:08:59Z
dc.date.available: 2023-10-24T16:08:59Z
dc.date.issued: 2008-08-12
dc.description.abstract: Attribute staleness arises due to the physical distribution of authorization information, decision and enforcement points. This is a fundamental problem in virtually any secure distributed system in which the management and representation of authorization state is not centralized. This problem is so intrinsic, it is inevitable that access control will be based on attribute values that are stale. While it may not be practical to eliminate staleness, we can limit unsafe access decisions made based on stale subject and object attributes. In this paper, we propose and formally specify four stale-safe security properties of varying strength which limit such incorrect access decisions. We use Linear Temporal Logic (LTL) to formalize these properties making them suitable to be verified by using model checking. We show how these properties can be applied in the specific context of group-based Secure Information Sharing (g-SIS) as defined in this paper. We specify the authorization decision/enforcement points of the g-SIS system as a Finite State Machine (FSM) and show how this FSM can be modified so as to satisfy one of the stale-safe properties. We formally verify that this FSM satisfies the stale-safe property using a mature model checker called Symbolic Model Verifier (SMV).
dc.description.department: Computer Science
dc.identifier.uri: https://hdl.handle.net/20.500.12588/2146
dc.language.iso: en_US
dc.publisher: UTSA Department of Computer Science
dc.relation.ispartofseries: Technical Report; CS-TR-2008-012
dc.subject: attribute staleness
dc.subject: security properties
dc.subject: model checking
dc.subject: secure information sharing
dc.subject: trusted computing
dc.title: Stale-Safe Security Properties for Group-Based Secure Information Sharing
dc.type: Technical Report

Files

Original bundle

Name: Krishnan_et_al_CS-TR-2008-012.pdf
Size: 747.15 KB
Format: Adobe Portable Document Format
