Defense in Depth Formulation and Usage in Dynamic Access Control

  • Ridha Khedri
  • Owain Jones
  • Mohammed Alabbad
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10204)


Many network systems secure their resources using a defense in depth strategy, which can result in complex policies being distributed across the many access control points of a network. These policies are subject to frequent changes to deal with factors such as a change in the security situation or a change in resources. Moreover, while we have a vague intuitive understanding of the defense in depth strategy, we certainly lack a rigorous definition for it that would allow us to objectively assess whether a policy distribution on a network satisfies this strategy. In this paper, we propose a definition for defense in depth based on a notion of refinement given in product family algebra. We use this definition to articulate several implementations of the defense in depth strategy, taking into account local access policies and global constraints on the resources of the considered network. We also discuss the automation of the calculations needed to derive the appropriate access policies to deploy at the nodes of a network.


Keywords: Access control policies; Dynamic access control; Defense in depth strategy; Formal methods; Software product families; Algebraic approaches



Copyright information

© Springer-Verlag GmbH Germany 2017

Authors and Affiliations

  1. Department of Computing and Software, Faculty of Engineering, McMaster University, Hamilton, Canada
  2. CMC Microsystems, Kingston, Canada
