Access Control Policy Specification and Verification
Research Areas: End System Security, Policy, Law and Management,
![[topcap]](/images/floating_sidebar_topcap.png){kind=small}
Research Areas
![[bottomcap]](/images/floating_sidebar_bottomcap.png){kind=small}
Principal Investigator: Ninghui Li
This research program is motivated by the observation that today’s security problems are often caused by errors in policy specification and management, rather than failure in, for example, cryptographic primitives. Formal verification techniques have been successfully applied to the design and analysis of hardware, software, distributed algorithms, and cryptographic protocols. This project aims at achieving similar success in access control.
This project studies novel approaches to specifying properties about access control policies and the verification of them. Recent results include security analysis in trust management and role based access control, analyzing the relationship between separation of duty policies and role mutual exclusion constraints, the development of a novel algebra for specifying multi-user policies, the introduction of resiliency policies, and so on.
Personnel
- Mahesh Tripunitara
- Qihua Wang
Keywords: policy, cryptography, security analysis, verification
Footer
RSS Feeds
Combined XML Feed
News XML Feed Events XML Feed Weblogs XML Feed Security Seminar Podcast
Twitter: @cerias, @ceriasarchive, #cerias
CERIAS, Purdue University / Recitation Building / 656 Oval Drive / West Lafayette IN 47907-2086
phone (765)494-7841 / fax (765)496-3181
Copyright © 2013, Purdue University, all rights reserved. Purdue University is an equal access/equal opportunity university.
If you have trouble accessing this page because of a disability, please contact the CERIAS webmaster at webmaster@cerias.purdue.edu. Some content on this site may require the use of a special plug-in or application. Please visit our plug-ins page for links to download these applications.
Privacy Policy