Entry Jayaraman:2013:MAR from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Jayaraman:2013:MAR,
  author =       "Karthick Jayaraman and Mahesh Tripunitara and Vijay
                 Ganesh and Martin Rinard and Steve Chapin",
  title =        "{Mohawk}: Abstraction-Refinement and Bound-Estimation
                 for Verifying Access Control Policies",
  journal =      j-TISSEC,
  volume =       "15",
  number =       "4",
  pages =        "18:1--18:??",
  month =        apr,
  year =         "2013",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/2445566.2445570",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Thu Apr 4 18:18:20 MDT 2013",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "Verifying that access-control systems maintain desired
                 security properties is recognized as an important
                 problem in security. Enterprise access-control systems
                 have grown to protect tens of thousands of resources,
                 and there is a need for verification to scale
                 commensurately. We present techniques for
                 abstraction-refinement and bound-estimation for bounded
                 model checkers to automatically find errors in
                 Administrative Role-Based Access Control (ARBAC)
                 security policies. ARBAC is the first and most
                 comprehensive administrative scheme for Role-Based
                 Access Control (RBAC) systems. In the
                 abstraction-refinement portion of our approach, we
                 identify and discard roles that are unlikely to be
                 relevant to the verification question (the abstraction
                 step). We then restore such abstracted roles
                 incrementally (the refinement steps). In the
                 bound-estimation portion of our approach, we lower the
                 estimate of the diameter of the reachability graph from
                 the worst-case by recognizing relationships between
                 roles and state-change rules. Our techniques complement
                 one another, and are used with conventional bounded
                 model checking. Our approach is sound and complete: an
                 error is found if and only if it exists. We have
                 implemented our technique in an access-control policy
                 analysis tool called Mohawk. We show empirically that
                 Mohawk scales well to realistic policies, and provide a
                 comparison with prior tools.",
  acknowledgement = ack-nhfb,
  articleno =    "18",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
}

Related entries

abstraction, 9(2)181, 11(3)12, 15(2)8, 18(1)4, 18(2)8, 18(3)10
access-control, 9(4)421, 10(1)2, 10(1)3, 10(2)5, 10(2)7, 10(4)2, 10(4)4, 14(1)2, 14(1)9, 15(4)15, 16(4)17
administrative, 2(1)105, 2(4)354, 6(2)201, 9(4)391, 10(2)7
analysis, 1(1)66, 2(1)34, 2(2)138, 2(3)230, 2(3)332, 4(1)1, 6(4)443, 7(2)175, 7(4)489, 8(3)312, 9(3)292, 9(4)391, 10(1)2, 10(3)9, 10(3)10, 10(3)11, 10(4)2, 10(4)6, 11(2)3, 11(3)13, 11(3)15, 11(4)17, 11(4)18, 11(4)23, 12(1)4, 12(2)10, 12(3)16, 13(1)10, 13(3)25, 13(3)26, 13(3)27, 13(4)41, 14(1)6, 14(1)8, 14(1)13, 14(2)15, 14(4)28, 15(3)14, 15(4)17, 16(1)2, 16(1)4, 16(2)8, 16(3)10, 16(3)11, 16(4)14, 16(4)17, 17(1)1, 17(1)4, 17(2)7, 17(3)9, 17(4)14, 18(1)1, 18(1)4, 18(2)6
another, 1(1)26, 1(1)66, 11(3)13, 11(3)14, 12(1)5, 12(3)18, 13(3)26, 13(4)36, 15(3)12, 18(1)1
approach, 1(1)3, 1(1)26, 2(1)34, 2(2)138, 2(3)269, 2(3)295, 5(2)119, 5(3)203, 6(1)128, 7(3)392, 9(4)391, 9(4)421, 10(1)2, 10(1)4, 10(3)11, 10(3)12, 10(4)4, 11(1)3, 11(3)15, 11(3)16, 11(4)17, 11(4)19, 12(1)1, 12(1)4, 12(2)11, 12(3)14, 13(3)20, 13(3)24, 13(4)31, 13(4)35, 13(4)36, 14(1)8, 14(3)23, 14(4)29, 15(1)4, 15(3)12, 15(3)13, 15(4)15, 15(4)17, 16(2)5, 16(2)7, 16(2)8, 16(4)15, 16(4)16, 17(3)12, 17(4)14, 18(2)5, 18(2)7, 18(3)11
automatically, 10(2)8, 12(2)10, 13(3)24, 14(1)2, 15(2)6, 16(2)5, 16(2)7, 17(2)7, 17(4)13, 18(3)9
Based, Role-, 3(2)85, 12(3)15, 13(4)36
bounded, 10(1)2, 12(3)18
called, 1(1)3, 1(1)66, 2(1)105, 2(2)177, 2(3)269, 10(1)4, 11(1)3, 11(3)14, 12(3)15, 13(1)10, 13(3)26, 13(3)27, 14(1)13, 14(4)28, 15(1)2, 15(2)9, 16(2)6, 17(1)2, 17(3)10, 17(4)16, 18(1)3
case, worst-, 11(4)19, 15(3)14, 17(3)11
checker, 18(2)6
checking, 1(1)3, 10(2)5, 10(2)7, 10(4)5, 12(4)20, 14(1)12, 18(2)6
comparison, 1(1)3, 14(4)31
complement, 2(3)230, 2(4)390, 11(2)5, 13(4)36, 17(4)14, 18(1)2
complete, 10(1)4, 10(2)5, 10(4)2, 11(2)5, 12(1)1, 12(3)17, 13(3)20, 13(3)27, 13(4)40, 14(4)31
comprehensive, 10(1)2, 10(4)2, 11(3)12, 13(3)24, 15(4)17, 17(3)12, 18(1)4
control, access-, 9(4)421, 10(1)2, 10(1)3, 10(2)5, 10(2)7, 10(4)2, 10(4)4, 14(1)2, 14(1)9, 15(4)15, 16(4)17
conventional, 2(1)34, 10(1)2, 10(1)3
desired, 12(4)20, 15(2)10
discard, 15(2)6
empirically, 14(3)27, 15(3)12, 16(1)2, 18(1)2
enterprise, 2(1)34, 2(3)269, 11(1)4, 13(4)31, 14(1)3, 15(3)13, 15(4)15, 17(3)11
error, 1(1)3, 14(1)5, 14(3)26, 15(2)7, 15(3)13, 16(2)8
estimate, 11(4)20, 14(1)13, 17(3)12
exist, 11(1)3, 11(2)3, 12(4)20, 16(1)4
find, 10(1)4, 12(1)3, 12(1)6, 12(2)10, 12(4)22, 15(1)5, 16(2)8, 17(3)11, 17(4)13, 18(3)10, 18(4)12
first, 2(1)34, 2(1)105, 2(4)354, 9(2)181, 10(4)6, 11(2)3, 11(2)4, 11(3)13, 11(4)18, 11(4)22, 12(1)3, 12(1)5, 12(3)18, 12(4)22, 13(4)31, 13(4)32, 14(1)13, 14(3)25, 14(4)30, 14(4)31, 15(4)17, 16(3)10, 17(1)4, 17(2)6, 17(3)11, 18(1)4, 18(3)9, 18(4)12, 18(4)13
found, 10(3)9, 11(2)3, 13(1)10, 17(4)13, 18(1)1
Ganesh, Vijay, 12(2)10
graph, 2(1)3, 2(1)105, 10(4)1, 11(3)13, 12(1)4, 12(3)18, 17(3)11, 18(4)12
have, 1(1)66, 1(1)93, 2(1)65, 2(2)138, 2(3)230, 2(3)269, 10(1)2, 10(1)4, 10(2)5, 10(3)10, 10(3)12, 10(4)4, 10(4)5, 10(4)6, 11(1)2, 11(2)1, 11(2)5, 11(3)15, 11(3)16, 11(4)17, 11(4)18, 11(4)21, 12(1)1, 12(1)2, 12(2)10, 12(2)13, 12(3)15, 12(3)16, 12(3)17, 12(4)20, 13(3)20, 13(3)26, 13(3)27, 13(3)28, 13(4)32, 13(4)36, 13(4)39, 13(4)40, 14(1)6, 14(1)7, 14(1)10, 14(1)13, 14(1)14, 14(3)27, 14(4)28, 14(4)29, 15(2)7, 15(2)9, 15(2)10, 15(3)12, 16(2)7, 16(2)8, 16(3)10, 16(4)15, 16(4)16, 17(1)3, 17(3)11, 17(3)12, 17(4)13, 17(4)15, 18(1)1, 18(1)3, 18(2)5, 18(2)7, 18(4)13
identify, 11(2)2, 11(3)12, 11(3)15, 11(3)16, 11(4)18, 11(4)20, 12(1)4, 12(4)20, 12(4)22, 13(4)35, 14(1)13, 16(2)7, 17(4)13, 18(4)13
implemented, 2(3)269, 10(1)4, 11(2)5, 12(1)1, 13(3)26, 14(1)8, 14(3)27, 15(4)16, 17(2)5, 17(3)10, 17(3)11, 17(4)13, 18(2)6
important, 1(1)3, 1(1)66, 2(3)295, 10(2)8, 11(3)14, 11(4)18, 11(4)20, 12(1)4, 13(3)26, 13(3)27, 13(4)36, 14(4)28, 15(3)12, 16(1)4, 17(3)11
incrementally, 10(3)11, 15(2)6
lower, 11(2)3, 12(3)18, 14(1)7
maintain, 9(4)391, 12(1)5, 14(1)12
most, 2(3)332, 9(4)391, 11(2)2, 11(3)12, 11(4)22, 12(2)8, 12(2)12, 12(3)14, 12(4)21, 13(1)10, 13(3)27, 13(4)30, 14(3)27, 15(1)5, 15(2)6, 15(4)15, 16(1)4, 16(2)6, 16(4)13, 16(4)14, 17(3)11, 17(3)12, 17(4)16, 18(1)1
need, 2(2)177, 2(3)230, 2(4)390, 9(4)421, 10(4)2, 10(4)3, 12(3)17, 13(3)22, 15(4)17, 16(2)6, 17(3)10, 18(2)6, 18(2)7
one, 1(1)26, 1(1)93, 2(1)3, 2(1)65, 2(3)295, 9(4)461, 10(1)2, 10(2)5, 10(2)8, 10(3)12, 10(4)3, 11(2)6, 11(3)14, 12(1)1, 12(1)5, 12(2)13, 12(3)14, 13(3)21, 13(3)25, 13(3)26, 13(3)27, 13(4)41, 14(1)3, 14(1)5, 14(4)30, 14(4)32, 15(2)10, 15(3)11, 15(4)16, 16(1)3, 16(1)4, 16(3)9, 16(4)14, 17(2)8, 17(4)13, 18(1)1, 18(3)11, 18(4)13
only, 2(3)230, 2(3)295, 10(4)3, 11(1)3, 11(2)4, 11(3)13, 11(4)20, 12(1)2, 12(1)3, 12(2)13, 12(3)19, 12(4)21, 13(1)10, 13(3)25, 13(3)28, 13(4)35, 13(4)37, 13(4)39, 14(1)5, 14(1)11, 14(3)26, 14(4)31, 15(2)9, 15(4)16, 16(1)3, 16(2)6, 16(2)7, 16(3)9, 16(3)10, 16(4)13, 17(3)9, 17(4)15, 18(2)5, 18(2)8
portion, 15(3)14, 17(4)14
present, 1(1)26, 2(1)3, 2(1)65, 2(2)177, 2(3)230, 2(3)269, 2(3)295, 2(4)354, 7(2)319, 9(2)181, 9(4)461, 10(1)2, 10(2)7, 10(3)10, 10(3)11, 10(3)12, 10(4)2, 10(4)3, 11(1)2, 11(1)4, 11(2)2, 11(2)5, 11(3)14, 11(4)22, 12(1)2, 12(1)4, 12(2)10, 12(2)11, 12(3)14, 12(3)15, 12(3)16, 12(3)17, 12(4)22, 13(1)10, 13(3)20, 13(3)22, 13(3)25, 13(3)28, 13(4)29, 13(4)41, 14(1)4, 14(1)5, 14(1)6, 15(1)2, 15(2)6, 15(2)8, 15(2)10, 15(3)12, 15(3)13, 15(4)16, 16(2)6, 16(2)7, 16(4)13, 16(4)14, 17(1)4, 17(2)6, 17(2)7, 17(2)8, 17(3)9, 17(3)12, 17(4)14, 17(4)15, 17(4)16, 18(1)3, 18(1)4, 18(2)7, 18(3)9, 18(3)10, 18(3)11, 18(4)12, 18(4)14
prior, 2(2)159, 10(3)12, 11(2)3, 12(1)2, 12(1)3, 14(1)8, 15(2)10
problem, 1(1)3, 2(3)269, 2(3)295, 5(3)238, 9(2)162, 9(4)391, 10(2)5, 10(2)8, 10(3)9, 10(3)10, 10(3)12, 10(4)1, 10(4)3, 11(2)2, 11(3)12, 11(3)15, 11(4)19, 12(1)2, 12(1)6, 12(2)9, 12(3)18, 12(4)20, 13(3)22, 13(3)26, 13(3)27, 13(4)33, 13(4)36, 13(4)40, 14(3)25, 14(4)31, 15(4)15, 16(1)3, 16(1)4, 16(3)11, 16(4)15, 17(2)8, 17(3)11, 17(4)15, 18(1)3
property, 1(1)66, 1(1)93, 2(1)34, 2(2)177, 9(4)391, 10(1)2, 10(2)7, 10(2)8, 10(3)9, 11(1)2, 11(3)12, 11(3)13, 12(1)2, 12(1)3, 12(2)8, 12(2)9, 12(3)14, 12(3)18, 12(3)19, 12(4)21, 13(3)26, 13(4)41, 14(2)16, 15(1)4, 15(2)9, 15(2)10, 15(3)14, 16(1)3, 16(2)5, 17(1)3, 17(1)4, 18(1)3, 18(2)6, 18(2)8, 18(4)12
protect, 2(3)332, 11(1)3, 12(3)15, 13(3)22, 13(3)28, 13(4)32, 16(1)1, 16(2)6, 17(1)4, 17(3)10, 18(1)1
provide, 1(1)3, 1(1)93, 2(1)3, 2(1)34, 2(1)65, 2(1)105, 2(3)230, 2(4)390, 7(2)319, 10(1)3, 10(2)8, 10(3)10, 10(4)2, 10(4)6, 11(1)3, 11(1)4, 11(2)2, 11(3)12, 11(3)13, 11(4)17, 11(4)20, 11(4)23, 12(1)2, 12(1)3, 12(2)8, 12(2)9, 12(3)14, 12(3)15, 12(3)16, 12(4)22, 13(3)22, 13(3)24, 13(4)31, 13(4)34, 13(4)38, 13(4)41, 14(1)4, 14(1)7, 14(1)8, 14(3)25, 14(4)28, 15(2)6, 15(2)10, 15(4)17, 16(1)3, 16(2)5, 16(3)9, 16(3)11, 16(4)17, 17(2)5, 17(3)11, 17(3)12, 17(4)16, 18(1)1, 18(1)2, 18(2)5, 18(2)7, 18(4)13, 18(4)14
question, 10(4)1, 11(2)3, 11(4)21, 13(4)35, 14(3)26, 17(1)1, 17(3)11, 18(3)9
RBAC, 2(1)34, 2(1)105, 5(3)332, 7(3)392, 9(4)391, 10(1)2, 10(2)5, 12(1)1, 13(3)24, 13(3)27, 13(4)36, 14(1)3, 15(4)15, 16(2)5
realistic, 15(1)4, 15(4)16, 17(4)16
recognized, 13(3)27
refinement, 18(2)8
relationship, 2(1)3, 2(4)390, 6(1)43, 9(2)162, 9(4)391, 10(4)2, 10(4)3, 12(1)2, 13(4)40, 14(3)24, 14(4)30, 17(2)7
relevant, 10(4)4, 12(1)2, 13(3)24, 16(1)2, 17(2)7
resource, 2(3)332, 9(4)391, 10(4)4, 11(1)2, 11(1)3, 11(1)4, 11(2)2, 11(3)14, 11(4)19, 11(4)20, 12(1)1, 12(1)6, 12(4)22, 13(3)20, 14(1)7, 14(1)10, 17(1)2, 17(3)9, 18(2)6
role, 2(1)3, 2(1)65, 2(1)105, 2(2)177, 9(2)113, 10(1)2, 10(2)5, 10(4)2, 11(1)3, 11(4)20, 12(1)1, 12(3)15, 13(3)20, 13(3)27, 13(4)36, 13(4)40, 15(3)13, 15(4)15
Role-Based, 3(2)85, 12(3)15, 13(4)36
rule, 2(1)65, 10(1)4, 10(4)2, 10(4)4, 10(4)5, 12(1)5, 12(4)21, 14(1)2, 15(2)6, 16(4)16, 17(2)7
scale, 16(3)11
scheme, 7(2)206, 7(4)523, 8(2)228, 9(3)325, 9(4)461, 10(4)5, 11(2)4, 11(2)5, 11(3)14, 11(3)15, 11(4)18, 11(4)22, 12(1)2, 12(1)3, 12(2)9, 12(3)15, 12(3)16, 12(3)18, 13(4)29, 13(4)31, 13(4)37, 13(4)41, 14(1)5, 15(2)9, 17(2)6, 17(3)10, 17(4)14, 17(4)15
sound, 10(2)6, 10(4)2, 13(3)20, 16(2)6
step, 10(1)2, 10(1)4, 12(3)18, 12(3)19, 12(4)22, 13(1)10, 13(4)40, 14(3)26, 14(3)27, 16(1)4, 16(3)10
technique, 1(1)3, 2(2)138, 2(3)230, 2(3)295, 2(4)416, 7(2)274, 9(4)391, 9(4)461, 10(2)6, 10(3)9, 10(4)6, 11(2)2, 11(3)12, 11(3)16, 11(4)17, 11(4)18, 11(4)22, 12(1)4, 12(2)11, 12(2)13, 12(3)16, 12(3)18, 13(3)22, 13(3)25, 13(3)28, 13(4)32, 13(4)33, 13(4)35, 13(4)36, 13(4)39, 14(1)3, 14(1)5, 14(1)6, 14(1)13, 14(3)24, 14(4)32, 15(1)2, 15(1)5, 15(2)7, 15(2)8, 15(3)12, 15(4)17, 16(1)2, 16(2)6, 16(2)7, 16(3)11, 16(4)13, 16(4)14, 17(3)9, 17(3)12, 17(4)16, 18(1)2, 18(2)6, 18(3)11
tens, 2(1)65, 18(1)2
then, 1(1)3, 2(1)3, 2(1)65, 2(2)138, 9(4)461, 10(1)2, 10(1)4, 11(2)4, 11(4)18, 12(2)8, 12(2)13, 12(3)18, 12(4)22, 13(1)10, 13(3)22, 13(3)25, 13(4)32, 14(4)30, 14(4)31, 14(4)32, 15(1)4, 15(2)6, 15(3)13, 16(2)5, 16(2)8, 17(3)9, 17(4)15, 18(1)3, 18(1)4, 18(4)12
there, 11(2)6, 12(1)2, 12(2)8, 12(4)20, 13(3)21, 13(4)34, 14(1)9, 14(4)30, 14(4)31, 16(1)4, 17(1)2
thousand, 2(1)65, 10(1)4, 14(4)29, 18(2)7
tool, 1(1)66, 2(3)332, 2(4)390, 7(2)274, 9(2)181, 10(4)2, 12(2)10, 13(3)24, 13(3)26, 13(4)30, 13(4)40, 14(1)6, 15(1)3, 16(1)4, 16(2)7, 17(2)7, 18(1)1, 18(1)4
Tripunitara, Mahesh, 12(4)20
unlikely, 13(3)25
used, 1(1)3, 2(1)65, 2(4)416, 7(2)319, 9(2)181, 10(1)2, 10(2)5, 10(2)7, 10(2)8, 10(4)2, 11(1)2, 11(1)3, 11(2)3, 11(3)14, 11(3)15, 11(3)16, 11(4)21, 11(4)22, 12(2)8, 12(3)15, 13(1)10, 13(3)22, 13(3)25, 13(4)29, 13(4)34, 14(1)3, 14(1)12, 14(1)13, 14(3)27, 15(1)3, 15(1)5, 15(3)12, 15(4)17, 16(2)7, 16(2)8, 16(3)10, 17(1)1, 17(2)7, 17(3)9, 17(4)13, 18(1)3, 18(2)5, 18(2)6, 18(3)9, 18(4)13, 18(4)14
verification, 2(3)332, 3(1)51, 8(3)287, 10(2)5, 10(2)6, 10(2)7, 10(3)9, 10(3)11, 11(2)5, 11(3)14, 12(1)3, 12(1)6, 14(1)5, 14(3)25, 14(4)32, 15(1)3, 15(2)9, 16(2)8, 17(2)6, 18(2)6, 18(2)8, 18(3)11, 18(4)14
verifying, 2(3)332, 10(2)5, 10(2)7, 10(3)11, 11(2)5, 14(3)25
well, 1(1)93, 10(1)2, 10(2)8, 10(3)11, 10(3)12, 11(1)3, 11(1)4, 11(2)5, 11(3)15, 12(1)1, 12(1)3, 12(1)5, 12(2)10, 13(1)10, 13(3)26, 14(1)3, 14(1)5, 14(1)14, 14(3)23, 15(3)12, 15(4)15, 15(4)16, 16(2)8, 17(3)9, 17(3)10, 17(3)11, 18(1)3, 18(2)5
worst-case, 11(4)19, 15(3)14, 17(3)11