Research Article

A Methodology and Toolkit for Deploying Reliable Security Policies in Critical Infrastructures

Algorithm 4

Validation of the conformity of concrete access control policies.
Inputs: specifications.mch, implementations.mch.
Outputs: HiddenUsers, HiddenRoles, HiddenAUR, HiddenARR, HiddenAPR, HiddenACFlow,
MissedUsers, MissedRoles, MissedAUR, MissedARR, MissedAPR, MissedACFlow, RenamedUsers,
RenamedRoles, Redundancy, DacRedundancy, conformity.
Begin
  read_specifications_machines ();
  read_implementations_machines ();
  conformity = true;
  // checking the equivalence between users
  HiddenUsers = calculate_hiddenusers (Users, Users_imp);
  MissedUsers = calculate_missedusers (Users, Users_imp);
  RenamedUsers = calculate_renamedusers (HiddenUsers, MissedUsers, AUR, AUR_imp, APR, APR_imp);
  if (HiddenUsers or MissedUsers or RenamedUsers) then
    conformity = false;
  end if;
  // checking the equivalence between roles
  HiddenRoles = calculate_hiddenroles (Roles, Roles_imp);
  MissedRoles = calculate_missedroles (Roles, Roles_imp);
  RenamedRoles = calculate_renamedroles (HiddenRoles, MissedRoles, APR, APR_imp);
  if (HiddenRoles or MissedRoles or RenamedRoles) then
    conformity = false;
  end if;
  // checking the equivalence between users-roles assignments
  HiddenAUR = calculate_hiddenAUR (AUR, AUR_imp);
  MissedAUR = calculate_missedAUR (AUR, AUR_imp);
  if (HiddenAUR or MissedAUR) then
    conformity = false;
  end if;
  // checking the equivalence between hierarchies of roles
  HiddenARR = calculate_hiddenARR (ARR, ARR_imp);
  MissedARR = calculate_missedARR (ARR, ARR_imp);
  if (HiddenARR or MissedARR) then
    conformity = false;
  end if;
  // checking the equivalence between permissions-roles assignments
  HiddenAPR = calculate_hiddenAPR (APR, APR_imp);
  MissedAPR = calculate_missedAPR (APR, APR_imp);
  if (HiddenAPR or MissedAPR) then
    conformity = false;
  end if;
  // checking the equivalence between access flows
  // hidden flows derive from the hidden assignments, missed flows from the missed ones
  HiddenACFlow = calculate_hiddenACFlow (HiddenAUR, HiddenARR, HiddenAPR);
  MissedACFlow = calculate_missedACFlow (MissedAUR, MissedARR, MissedAPR);
  // checking redundancies
  Redundancy = verifyRED ();
  DacRedundancy = verifyDACRED ();
  if (Redundancy or DacRedundancy) then
    conformity = false;
  end if;
  if (conformity = true) then
    return (conformity);
  else
    save_&_return_report ();
    return (non-conformity);
  end if;
end.
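As an added illustration, not part of the article's toolkit and independent of the B machines it reads, the following Python carries out the hidden/missed/renamed comparison of Algorithm 4 and the derived access-flow check over two constructed RBAC policies. The tuple encoding of the policies and the renaming rule (a missed user whose specified role set equals the implemented role set of a hidden user) are assumptions; the redundancy checks verifyRED and verifyDACRED are not modelled.

```python
from collections import namedtuple

# Constructed RBAC policy mirroring the Users/Roles/AUR/ARR/APR sets of Algorithm 4:
# aur = {(user, role)}, arr = {(senior, junior)}, apr = {(permission, role)}.
Policy = namedtuple("Policy", "users roles aur arr apr")

def inherited(policy, role):
    """A role plus every junior role it inherits from (transitive closure of ARR)."""
    seen = {role}
    while True:
        new = {junior for senior, junior in policy.arr if senior in seen} - seen
        if not new:
            return seen
        seen |= new

def access_flows(policy):
    """User -> permission flows: permissions of every role a user holds or inherits."""
    return frozenset((u, p) for u, r in policy.aur for rr in inherited(policy, r)
                     for p, pr in policy.apr if pr == rr)

def check_conformity(spec, impl):
    """Hidden* = only in the implementation, Missed* = only in the specification."""
    rep = {"HiddenUsers": impl.users - spec.users, "MissedUsers": spec.users - impl.users,
           "HiddenRoles": impl.roles - spec.roles, "MissedRoles": spec.roles - impl.roles}
    roles_of = lambda pol, user: frozenset(r for u, r in pol.aur if u == user)
    # Assumed rule (not the article's): a missed and a hidden user with identical role sets.
    rep["RenamedUsers"] = frozenset((m, h) for m in rep["MissedUsers"]
                                    for h in rep["HiddenUsers"]
                                    if roles_of(spec, m) == roles_of(impl, h))
    for name, s, i in (("AUR", spec.aur, impl.aur), ("ARR", spec.arr, impl.arr),
                       ("APR", spec.apr, impl.apr)):
        rep["Hidden" + name], rep["Missed" + name] = i - s, s - i
    spec_flows, impl_flows = access_flows(spec), access_flows(impl)
    rep["HiddenACFlow"] = impl_flows - spec_flows   # grants the specification never authorised
    rep["MissedACFlow"] = spec_flows - impl_flows   # authorised access the deployment lost
    rep["conformity"] = not any(rep.values())       # conform only when every set is empty
    return rep

# Constructed policies: the deployment renames bob to robert, drops the admin > operator
# hierarchy edge and compensates with a direct operator assignment for alice.
SPEC = Policy(frozenset({"alice", "bob"}), frozenset({"admin", "operator"}),
              frozenset({("alice", "admin"), ("bob", "operator")}), frozenset({("admin", "operator")}),
              frozenset({("read", "operator"), ("write", "admin")}))
IMPL = Policy(frozenset({"alice", "robert"}), frozenset({"admin", "operator"}),
              frozenset({("alice", "admin"), ("alice", "operator"), ("robert", "operator")}),
              frozenset(), frozenset({("read", "operator"), ("write", "admin")}))

if __name__ == "__main__":
    print({k: sorted(v) if isinstance(v, frozenset) else v for k, v in check_conformity(SPEC, IMPL).items()})
```

Note that the renamed user also surfaces as a hidden and a missed access flow (robert gains read, bob loses it), which is why the report keeps both views rather than collapsing them.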