eTheses Repository

Model-driven approaches to analysing time- and location- dependent access control specifications

Geepalla, Emsaieb Mosbah (2013)
Ph.D. thesis, University of Birmingham.

Loading
PDF (3735Kb)Accepted Version

Abstract

This thesis deals with a challenging problem related to the analysis of Access Control systems which depend on time and location against undesirable scenarios such as inconsistency. In particular, this thesis first provides formal algebraic notations for the Access Control specifications in the context of a Spatio- Temporal Role Based Access Control (STRBAC) model.

In order to analyse STRBAC specifications to detect inconsistencies and semi-consistencies, this thesis utilises Alloy and Timed Automata. A key challenge is how to automatically generate analysable formalisation such as Alloy and Timed Automata from the specifications. This thesis employs Model-Driven Architecture (MDA) technology to automate the transformation of the STRBAC model to Alloy as well as to Timed Automata and Timed Computation Tree Logic (TCTL). This is accomplished by defining one set of transformation rules for mapping STRBAC features to Alloy features and another set for mapping the features of the STRBAC model to Timed Automata and TCTL features. In addition, we present a comparative study between Alloy and Timed Automata from capability and performance points of view, following which we demonstrate that current Access Control models are not adequate for representing Physical Access Control (PAC) specifications and then discuss some of the limitations of the current models, which we highlight by conducting a case study involving the modelling of an Access Control mechanism used by British Telecom (BT). To overcome such limitations, we present an extension of the STRBAC model which considers the physical aspects of Access Control systems.

Type of Work:Ph.D. thesis.
Supervisor(s):Bordbar, Behzad
School/Faculty:Colleges (2008 onwards) > College of Engineering & Physical Sciences
Department:School of Computer Science
Subjects:QA75 Electronic computers. Computer science
Institution:University of Birmingham
ID Code:4562
This unpublished thesis/dissertation is copyright of the author and/or third parties. The intellectual property rights of the author or third parties in respect of this work are as defined by The Copyright Designs and Patents Act 1988 or as modified by any successor legislation. Any use made of information contained in this thesis/dissertation must be in accordance with that legislation and must be properly acknowledged. Further distribution or reproduction in any format is prohibited without the permission of the copyright holder.
Export Reference As : ASCII + BibTeX + Dublin Core + EndNote + HTML + METS + MODS + OpenURL Object + Reference Manager + Refer + RefWorks
Share this item :
QR Code for this page

Repository Staff Only: item control page