universit de sherbrooke
play

UNIVERSIT DE SHERBROOKE Introduction SGAC Formalization - PowerPoint PPT Presentation

Apr 12, 2023 •189 likes •438 views

Validating SGAC Access Control Policies with Alloy and ProB Nghi Huynh, Marc Frappier, Amel Mammar and R egine Laleau FA 2018, April 30th UNIVERSIT DE SHERBROOKE Introduction SGAC Formalization Automated verification Conclusion

  1. Validating SGAC Access Control Policies with Alloy and ProB Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau FA 2018, April 30th UNIVERSITÉ DE SHERBROOKE

  2. Introduction SGAC Formalization Automated verification Conclusion Introduction 1 SGAC 2 Formalization 3 Automated verification 4 Conclusion 5 Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 2 / 20

  3. Introduction SGAC Formalization Automated verification Conclusion Motivation Consent Management in Electronic Health Records Hospital of Universit´ e de Sherbrooke (CHUS) in Qu´ ebec, Canada. Two major stakes in access control (healthcare) : 1) patient privacy → consent 2) patient safety → ??????? Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 3 / 20

  4. Introduction SGAC Presentation Formalization Example Automated verification Behaviour Conclusion Presentation of SGAC SGAC = Automated Consent Management System Designed to meet CHUS requirements Features: hierarchy among users; hierarchy among data; explicit prohibitions; automated conflict resolutions. Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 4 / 20

  5. Introduction SGAC Presentation Formalization Example Automated verification Behaviour Conclusion Example Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 5 / 20

  6. Introduction SGAC Presentation Formalization Example Automated verification Behaviour Conclusion Conflict Resolution Strategy r a has precedence over r b iff: r a ’s priority value is lower; 1 ex: r 2 has precedence over r 3 . or same priority and 2 r a ’s subject is more specific; ex: r 1 has precedence over r 2 . or same priority and 3 incomparable subjects, and r a . m = − r b . m = +. ex: r 1 has precedence over r 4 . Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 6 / 20

  7. Introduction SGAC Presentation Formalization Example Automated verification Behaviour Conclusion Conflict Resolution Strategy r a has precedence over r b iff: r a ’s priority value is lower; 1 ex: r 2 has precedence over r 3 . or same priority and 2 r a ’s subject is more specific; ex: r 1 has precedence over r 2 . or same priority and 3 incomparable subjects, and r a . m = − r b . m = +. ex: r 1 has precedence over r 4 . Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 6 / 20

  8. Introduction SGAC Presentation Formalization Example Automated verification Behaviour Conclusion Conflict Resolution Strategy r a has precedence over r b iff: r a ’s priority value is lower; 1 ex: r 2 has precedence over r 3 . or same priority and 2 r a ’s subject is more specific; ex: r 1 has precedence over r 2 . or same priority and 3 incomparable subjects, and r a . m = − r b . m = +. ex: r 1 has precedence over r 4 . Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 6 / 20

  9. Introduction SGAC Presentation Formalization Example Automated verification Behaviour Conclusion Conflict Resolution Strategy r a has precedence over r b iff: r a ’s priority value is lower; 1 ex: r 2 has precedence over r 3 . or same priority and 2 r a ’s subject is more specific; ex: r 1 has precedence over r 2 . or same priority and 3 incomparable subjects, and r a . m = − r b . m = +. ex: r 1 has precedence over r 4 . Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 6 / 20

  10. Introduction SGAC Properties Formalization Formalization Automated verification Request Evaluation Conclusion Properties The properties we want to check are: access: can health worker W have access to the document D ? ineffective rule detection: what are the rules that are never taken into account when evaluating a request ? important hidden data detection: are there important data that are unreachable by any health worker ? granting context detection: in which contexts is a given request granted ? Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 7 / 20

  11. Introduction SGAC Properties Formalization Formalization Automated verification Request Evaluation Conclusion Formalization Huynh et al. , SGAC: A patient-centered access control method, (RCIS’16). Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 8 / 20

  12. Introduction SGAC Properties Formalization Formalization Automated verification Request Evaluation Conclusion Rule ordering r a has precedence over r b iff: r a ’s priority value is lower; 1 ex: r 2 has precedence over r 3 . Two steps : or introduction of ’ ≺ ’: ordering same priority and 2 with priority and subject r a ’s subject is more specific; specificity (phase 1-2); ex: r 1 has precedence over r 2 . introduction of ’ < ’: final or ordering (phase 3). same priority and 3 incomparable subjects, and r a . m = − r b . m = +. ex: r 1 has precedence over r 4 . Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 9 / 20

  13. Introduction SGAC Properties Formalization Formalization Automated verification Request Evaluation Conclusion Why two steps? Only maximal elements of ≺ must be compared with their modality. ex: without the maximal element condition, r 1 < r 2 , r 3 < r 4 , r 2 < r 3 and r 4 < r 1 . Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 10 / 20

  14. Introduction SGAC Properties Formalization Formalization Automated verification Request Evaluation Conclusion Request Evaluation In order to evaluate a request in a given context : 1 we select all applicable rules to the request; 2 we order the applicable rules; 3 we analyse the graph made of the ordered rules : the sinks of the graph determine the result of the request. Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 11 / 20

  15. Introduction SGAC Alloy Formalization ProB Automated verification Performance test Conclusion Automated verification We use first order logic based tools : Alloy and ProB. Alloy Alloy is a model finder that offers a graphical interface and evaluator that are very useful to debug and help understandings counter-examples. ProB ProB is a model checker and animator for the B method. Its constraint solving capability allows it to do model finding. Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 12 / 20

  16. Introduction SGAC Alloy Formalization ProB Automated verification Performance test Conclusion Let’s get started : simplifications first ! In order to be able to conduct tractable verification with the tools, we have to make some adjustments: reduce the size of the graphs: verification is done for each patient, thus resource graph can be cut ; ignore the actions: the approach taken for each action is the same; reduce computational burden: with the current approach, a graph is built for each context+request → 1 request = 1 graph. Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 13 / 20

  17. Introduction SGAC Alloy Formalization ProB Automated verification Performance test Conclusion Alloy Difficulty Alloy cannot handle the number of requests ( | PERSON × DOCUMENTS | ). Solution Explicitly define one request at a time. The others target also persons and documents but are left undetermined. Results Alloy can conduct the verification, but some properties cannot be directly verified. Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 14 / 20

  18. Introduction SGAC Alloy Formalization ProB Automated verification Performance test Conclusion ProB Difficulty ProB does not manage to process and order the rules for all the requests. Solution Program and guide the variable calculus order. Ex: process ≺ et < successively and separately. Results ProB finally manages to order the rules, and this solution provides a way to reduce further the processing time. Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 15 / 20

  19. Introduction SGAC Alloy Formalization ProB Automated verification Performance test Conclusion ProB Difficulty How can we encode efficiently the properties ? Solution Properties are encoded into the operations of each machine. For instance, access(req,con) precondition : arguments req and con are a request and a context. postcondition : result of req within the context con . Results Verification is done for all possible combinations; All properties are verified in only one run. Nghi Huynh, Marc Frappier, Amel Mammar and R´ egine Laleau SGAC policy verification using Alloy and ProB 16 / 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Two dimensional quantum memories David Poulin Dpartement de Physique Universit de Sherbrooke

Two dimensional quantum memories David Poulin Dpartement de Physique Universit de Sherbrooke

Two dimensional quantum memories David Poulin Dpartement de Physique Universit de Sherbrooke Collaborators H. Bombin, S. Bravyi, G. Duclos-Cianci, O. Landon-Cardinal, and B. Terhal Institut transdisciplinaire dinformatique quantique,

1.95k views • 162 slides
Open Reflective Agents Sylvain Giroux LICEF, Tl-Universit 1001 Sherbrooke est C.P. 5250,

Open Reflective Agents Sylvain Giroux LICEF, Tl-Universit 1001 Sherbrooke est C.P. 5250,

Open Reflective Agents Sylvain Giroux LICEF, Tl-Universit 1001 Sherbrooke est C.P. 5250, succ. C Montral, P.Q. Canada H2X 3M4 sgiroux@teluq.uquebec.ca PLAN 1- Motivation and approach 2- Adaptation 1- The viewpoint of Gregory

395 views • 21 slides
Quantum Transport UPoN 2015 Karl Thibault 1 In collaboration with : Julien Gabelli 2 , Christian

Quantum Transport UPoN 2015 Karl Thibault 1 In collaboration with : Julien Gabelli 2 , Christian

Pauli-Heisenberg Oscillations in Electron Quantum Transport UPoN 2015 Karl Thibault 1 In collaboration with : Julien Gabelli 2 , Christian Lupien 1 , Bertrand Reulet 1 1- Universit de Sherbrooke Sherbrooke, Qubec, Canada 2 - Universit de

510 views • 25 slides
A Cluster Method for Spectral Properties of Correlated Electrons David Snchal Department

A Cluster Method for Spectral Properties of Correlated Electrons David Snchal Department

A Cluster Method for Spectral Properties of Correlated Electrons David Snchal Department de physique Universit de Sherbrooke HPCS 2003 May 13, 2003 UNIVERSIT DE SHERBROOKE Outline The Hubbard Model of Correlated Electrons

608 views • 31 slides
A different North-American Vision...? UNIVERSIT DE SHERBROOKE 1 2011-06-24 Outline

A different North-American Vision...? UNIVERSIT DE SHERBROOKE 1 2011-06-24 Outline

2011-06-24 ITS in the Canadian Context: Initiatives, challenges, and some particular projects U. Valenciennes 2011 Soumaya Cherkaoui, PhD. Ing. Director, INTERLAB Professor, Department of Electrical and Computer Engineering Universit de

405 views • 38 slides
Formation and propagation of shock-generated vortex rings Martin Brouillette and Christian H

Formation and propagation of shock-generated vortex rings Martin Brouillette and Christian H

Formation and propagation of shock-generated vortex rings Martin Brouillette and Christian H ebert Laboratoire dondes de choc Universit e de Sherbrooke Sherbrooke (Qu ebec) CANADA 1 Outline 1. Introduction 2. Experimental

416 views • 25 slides
A bridge between continuous and discrete multiD persistence N. Cavazza 1 , M. Ethier 2 , P. Frosini

A bridge between continuous and discrete multiD persistence N. Cavazza 1 , M. Ethier 2 , P. Frosini

A bridge between continuous and discrete multiD persistence N. Cavazza 1 , M. Ethier 2 , P. Frosini 1 , T. Kaczynski 2 , Claudia Landi 3 1 Universit` a di Bologna 2 Universit e de Sherbrooke 3 Universit` a di Modena e Reggio Emilia Applied and

357 views • 31 slides
Sherbrooke, An Innovation Hub &amp; Gateway to the North American Market Martine Courtemanche

Sherbrooke, An Innovation Hub &amp; Gateway to the North American Market Martine Courtemanche

Sherbrooke, An Innovation Hub &amp; Gateway to the North American Market Martine Courtemanche Director, Business Services Life Sciences &amp; MicroNanotechnologies September 9, 2019 Sherbrooke : Gateway to the North American Market Regional

458 views • 13 slides
A combinatorial application of quantum information in percolation theory Nicolas Delfosse -

A combinatorial application of quantum information in percolation theory Nicolas Delfosse -

1 A combinatorial application of quantum information in percolation theory Nicolas Delfosse - Universit de Sherbrooke joint work with Gilles Zmor - Universit de Bordeaux http://arxiv.org/abs/1408.4031 QEC14 - December 19, 2014 From

707 views • 51 slides
Trade in virtual carbon: Evidence from spatial econometric models Jie He Universit de

Trade in virtual carbon: Evidence from spatial econometric models Jie He Universit de

Trade in virtual carbon: Evidence from spatial econometric models Jie He Universit de Sherbrooke, Canada Jaime de Melo* FERDI and university of Geneva, Switzerland Haisheng Yang Sun Yat-sen University, China * Ferdi, Fudan University, and

373 views • 34 slides
Coordination of Components in a Distributed Discrete-Event System Ahmed Khoumsi Universit e

Coordination of Components in a Distributed Discrete-Event System Ahmed Khoumsi Universit e

Coordination of Components in a Distributed Discrete-Event System Ahmed Khoumsi Universit e de Sherbrooke, Canada. ISPDC, Lille, France, 4-6 July 2005 Outline Outline Introduction Problem, Coordination

247 views • 12 slides
Vitamins and Antioxidants implication in frailty prevention Tamas Fulop M.D., PhD Universit

Vitamins and Antioxidants implication in frailty prevention Tamas Fulop M.D., PhD Universit

Vitamins and Antioxidants implication in frailty prevention Tamas Fulop M.D., PhD Universit de Sherbrooke CONFLICT OF INTEREST DISCLOSURE I have the following potential conflict(s) of interest to report - Consultation fee from Eisai and Co,

624 views • 50 slides
Genericity of a model- based intrusion testing method Aymerick Savary 1,2 , Mathieu Lassale 1,2

Genericity of a model- based intrusion testing method Aymerick Savary 1,2 , Mathieu Lassale 1,2

Genericity of a model- based intrusion testing method Aymerick Savary 1,2 , Mathieu Lassale 1,2 Jean-Louis Lanet 1 , Marc Frappier 2 SDTA, december 2014, Auvergne, France 1 Universit de Limoges 2 Universit de Sherbrooke Genericity of a

404 views • 24 slides
of functional limitation and disability (NuAge Study) Hlne Payette, U Sherbrooke (Qc) CAN

of functional limitation and disability (NuAge Study) Hlne Payette, U Sherbrooke (Qc) CAN

Dietary Protein Food Clusters and risk of functional limitation and disability (NuAge Study) Hlne Payette, U Sherbrooke (Qc) CAN Collaborators: P Gaudreau (U Montreal), JA Morais (McGill U) , B Shatenstein (U Montreal), M Sene (U

542 views • 23 slides
2D Stabilizer Codes Hctor Bombn Perimeter Institute collaborators David Poulin Universit

2D Stabilizer Codes Hctor Bombn Perimeter Institute collaborators David Poulin Universit

H. Bombin, G. Duclos-Cianci, D. Poulin arXiv:1103.4606 H. Bombin arXiv:1107.2707 Universal Topological Phase of 2D Stabilizer Codes Hctor Bombn Perimeter Institute collaborators David Poulin Universit de Sherbrooke Guillaume

735 views • 51 slides
BIOLOGICAL REMOVAL OF HYDROGEN SULPHIDE FROM LANDFILL SITE BIOGAS Rania Ibrahim 1 , Shahram

BIOLOGICAL REMOVAL OF HYDROGEN SULPHIDE FROM LANDFILL SITE BIOGAS Rania Ibrahim 1 , Shahram

BIOLOGICAL REMOVAL OF HYDROGEN SULPHIDE FROM LANDFILL SITE BIOGAS Rania Ibrahim 1 , Shahram Navaee-Ardeh 1 , Hubert Cabana 1 1 Department of Civil Engineering, University of Sherbrooke, 2500 Boulevard de lUniversit, Sherbrooke, Qubec, J1K

265 views • 15 slides
Information Ordering Ling 573 Systems and Applications May 3, 2016 Roadmap Ordering

Information Ordering Ling 573 Systems and Applications May 3, 2016 Roadmap Ordering

Information Ordering Ling 573 Systems and Applications May 3, 2016 Roadmap Ordering models: Chronology and topic structure Mixture of experts Preference ranking: Chronology, topic similarity, succession/precedence

359 views • 20 slides
Computer Science &amp; Engineering 150A Introduction Problem Solving Using Computers Relational

Computer Science &amp; Engineering 150A Introduction Problem Solving Using Computers Relational

CSCE150A Computer Science &amp; Engineering 150A Introduction Problem Solving Using Computers Relational Operators Lecture 04 - Conditionals Logical Operators Comparing Characters Stephen Scott if Statement Nested if (Adapted from

711 views • 60 slides
Definition ! A (rooted) tree is a structure defined on a finite set of nodes that either: Trees

Definition ! A (rooted) tree is a structure defined on a finite set of nodes that either: Trees

Definition ! A (rooted) tree is a structure defined on a finite set of nodes that either: Trees Contains no nodes, or Contains a specially designated node called the root and k&gt;=0 disjoint sets of nodes T 1 ,,T k , where

352 views • 3 slides
1 Binomial Heaps Binomial- -Heap Heap- -Union Union Binomial Heaps Binomial Binomial-

1 Binomial Heaps Binomial- -Heap Heap- -Union Union Binomial Heaps Binomial Binomial-

Binomial Heaps Binomial trees Binomial Heaps Binomial trees Def. For each non-negative integer k, a binomial tree B k of root degree k is an ordered tree defined recursively as follow: 1) B 0 consists of a single node 2) B k consists of two

194 views • 3 slides
ROBERTS RULES of ORDER NYS PTA CONVENTION 2019 Steven T. Anderson PRP Agenda -Tips for

ROBERTS RULES of ORDER NYS PTA CONVENTION 2019 Steven T. Anderson PRP Agenda -Tips for

ROBERTS RULES of ORDER NYS PTA CONVENTION 2019 Steven T. Anderson PRP Agenda -Tips for Delegates -Problem Principles -Problem Motions -Problem Elections -Problem People Tips for Delegates --Pay Attention, listen for your opportunity.

414 views • 8 slides
Math 211 Math 211 Lecture #1 August 29, 2000 2 Welcome to Math 211 Welcome to Math 211 Math

Math 211 Math 211 Lecture #1 August 29, 2000 2 Welcome to Math 211 Welcome to Math 211 Math

1 Math 211 Math 211 Lecture #1 August 29, 2000 2 Welcome to Math 211 Welcome to Math 211 Math 211 Section 4 John C. Polking Herman Brown 402 713-348-4841 polking@rice.edu Office Hours: 1:30 2:30 TWTh 3 Ordinary Differential

589 views • 15 slides
Solving ordinary differential equations and Taylor expansion ebrahimi December 16, 2015 . .

Solving ordinary differential equations and Taylor expansion ebrahimi December 16, 2015 . .

Solving ordinary differential equations and Taylor expansion ebrahimi December 16, 2015 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ebrahimi Solving ordinary

833 views • 35 slides
Continuous-time systems 1 March 2, 2015 Continuous-time systems 1 Linear differential equations

Continuous-time systems 1 March 2, 2015 Continuous-time systems 1 Linear differential equations

Linear differential equations Laplace transform Solving LDEs with the Laplace transform Continuous-time systems 1 March 2, 2015 Continuous-time systems 1 Linear differential equations Laplace transform Solving LDEs with the Laplace transform

907 views • 51 slides

More recommend