Formal Verification for Access Control in Web Information Sharing System

  • Akihiro Sakai
  • Yoshiaki Hori
  • Kouichi Sakurai
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5576)


When we write access-control description of the Web Applications using the group and the role, there is a problem that it is difficult for a user to decide the joint ownership partner of data. Therefore, there are the trials for describing access-control using social networks. However, unexpected defects might sneak in this description if it is marked in a careless manner. In this paper, we propose the formal definition of the access-control description consist of the first-order predicate logic for the automatic checking.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Ferraiolo, D., Kuhn, D., Chandramouli, R.: Role-Based Access Control, 2nd edn. Artech House (2007)Google Scholar
  3. 3.
    Friend of a Friend,
  4. 4.
    Goecks, J., Mynatt, E.: Leveraging Social Networks for Information Sharing. In: Proc. Workshop on Social Networks, CSCW 2004 (2004)Google Scholar
  5. 5.
    Jackson, D.: Software Abstractions: Logic, Language, And Analysis. MIT Press, Cambridge (2006)Google Scholar
  6. 6.
    Maruoka, M., Nemati, G., Barolli, V., Enokido, T.: Role-based Access Control in Peer-to-Peer (P2P) Societies. In: Proc. 22nd International Conference on Advanced Information Networking and Applications - Workshops, pp. 495–500 (2008)Google Scholar
  7. 7.
    Role-Based Access Control, ANSI INCITS 359-2004, American National Standard for Information Technology (2004)Google Scholar
  8. 8.
  9. 9.
    Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)CrossRefGoogle Scholar
  10. 10.
    Zao, J., Wee, H., Chu, J., Jackson, D.: RBAC Schema Verification Using Lightweight Formal Model and Constraint Analysis. MIT, Cambridge (2002)Google Scholar
  11. 11.
    Junichiro, M., Yutaka, M., Tatsuhiko, S., Mitsuru, I.: Real-world oriented Information Sharing System. In: The 19th Annual Conference of the Japanese Society for Artificial Intelligence (2005) (in Japanese)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Akihiro Sakai
    • 1
  • Yoshiaki Hori
    • 2
  • Kouichi Sakurai
    • 2
  1. 1.Graduate School of Information Science and Electrical EngineeringKyushu UniversityJapan
  2. 2.Faculty of Information Science and Electrical EngineeringKyushu UniversityJapan

Personalised recommendations