April 9-11th 2014
Churchill College, Cambridge UK


Session Title

Automatic verification and correction of access control specifications in a text-based DSL

Session Type: Case Study
Duration: 45 minutes
Session Description

Access control, and in particular authorisation, focuses on deciding who can access which resource, how, and under which conditions. Role-Based Access Control (RBAC) is a standardised authorisation model that assigns roles to users, and permissions to roles, instead of directly assigning permissions to users; RBAC helps administrators in maintaining large user directories that would be too difficult to handle using traditional user-permission models. Yet, getting an authorisation policy right is an incredibly complex task: give users too many permissions and they will have access to resources they should not have access to; give them too few and they will not have access to the resources they need to get their job done.

In this session, we will present and demonstrate rbacMDE, a text-based Domain-Specific Language that allows designers and administrators to model their access control policies, as well as scenarios that represent instances of requirements that their access control policies must meet (e.g. "User John Doe, with the HR manager role, must be able to update employees’ pay grade", or "User Janie Smith, with the HR clerk role, must not be able to update employees’ pay grade").

rbacMDE has been developed using Xtext. It can automatically verify the well-formedness of the policies and scenarios, as well as the compliance of the access control policies with the scenarios. Upon detecting errors, rbacMDE is capable of suggesting corrections automatically, either for individual errors (i.e. "quick fixes"), or for the entire model, bringing the entire policy to a well-formed state that conforms to all the scenarios expressed.
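The kind of check described above can be sketched in a few lines. This is an added example, not rbacMDE code or its DSL syntax: the data model, the names (Scenario, USER_ROLES, ROLE_PERMS, repair) and the sample policy are assumptions constructed for illustration, using flat RBAC with no role hierarchy.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Scenario:
    user: str
    role: str
    permission: str
    must_allow: bool  # True: "must be able to"; False: "must not be able to"

# Constructed sample policy (flat RBAC, no role hierarchy), deliberately wrong.
USER_ROLES = {"john.doe": {"hr_manager"}, "janie.smith": {"hr_clerk"}}
ROLE_PERMS = {"hr_manager": {"read_employee"},
              "hr_clerk": {"read_employee", "update_pay_grade"}}
# The two requirements quoted in the abstract, encoded as scenarios.
SCENARIOS = [
    Scenario("john.doe", "hr_manager", "update_pay_grade", True),
    Scenario("janie.smith", "hr_clerk", "update_pay_grade", False),
]

def well_formedness_errors(user_roles, role_perms, scenarios):
    """Scenarios may only reference users and roles the policy defines."""
    errors = []
    for s in scenarios:
        if s.role not in role_perms:
            errors.append(f"unknown role {s.role}")
        if s.role not in user_roles.get(s.user, set()):
            errors.append(f"{s.user} does not hold role {s.role}")
    return errors

def violations(role_perms, scenarios):
    """Pair each failed scenario with a single-edit fix (a 'quick fix')."""
    out = []
    for s in scenarios:
        granted = s.permission in role_perms.get(s.role, set())
        if granted != s.must_allow:
            out.append((s, ("grant" if s.must_allow else "revoke", s.role, s.permission)))
    return out

def repair(role_perms, scenarios):
    """Apply all fixes to a copy; fail if the scenarios contradict each other."""
    fixed = {r: set(p) for r, p in role_perms.items()}
    for _, (op, role, perm) in violations(role_perms, scenarios):
        if op == "grant":
            fixed.setdefault(role, set()).add(perm)
        else:
            fixed[role].discard(perm)
    if violations(fixed, scenarios):
        raise ValueError("contradictory scenarios: no policy satisfies all of them")
    return fixed
```

On the sample policy both scenarios fail: the clerk role is over-privileged and the manager role is under-privileged, which are the two failure modes the description names.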


Lionel Montrieux (The Open University)

Lionel Montrieux got his Ph.D. from The Open University, Milton Keynes, after defending his dissertation on Model-Based Analysis of Role-Based Access Control. He is now a postdoctoral researcher at The Open University. His research interests include model-driven engineering, domain-specific languages, access control, and adaptive security.