29 research outputs found

    ARBAC Policy for a Large Multi-National Bank

    Administrative role-based access control (ARBAC) is the first comprehensive administrative model proposed for role-based access control (RBAC). ARBAC has several features for designing highly expressive policies, but existing work has not shown the utility of these expressive policies. In this report, we present a case study of designing an ARBAC policy for a bank comprising 18 branches. Using this case study, we assess which features of ARBAC are likely to be used in realistic policies.

    Security Analysis of Role-based Access Control through Program Verification

    We propose a novel scheme for proving administrative role-based access control (ARBAC) policies correct with respect to security properties using the powerful abstraction-based tools available for program verification. Our scheme uses a combination of abstraction and reduction to program verification to perform security analysis. We convert ARBAC policies to imperative programs that simulate the policy abstractly, and then apply further abstract-interpretation techniques from program analysis to these programs in order to prove the policies secure. We argue that the aggressive set abstractions and numerical abstractions we use are natural and appropriate in the access control setting. We implement our scheme in a tool called VAC that translates ARBAC policies to imperative programs and then runs an interval-based static analysis of the program, and we show that we can effectively prove access control policies correct. The salient features of our approach are the abstraction schemes we develop and the reduction of role-based access control security (which has nothing to do with programs) to program verification problems.

    Policy analysis for self-administrated role-based access control

    Current techniques for security analysis of administrative role-based access control (ARBAC) policies restrict themselves to the separate administration assumption, which essentially separates administrative roles from regular ones. The naive algorithm of tracking all users is all that is known for the security analysis of ARBAC policies without separate administration, and the resulting state space explosion precludes building effective tools. In contrast, the separate administration assumption greatly simplifies the analysis, since it makes it sufficient to track only one user at a time. However, separation limits the expressiveness of the models and restricts the modeling of distributed administrative control. In this paper, we undertake a fundamental study of the analysis of ARBAC policies without the separate administration restriction, and show that analysis algorithms can be built that track only a bounded number of users, where the bound depends only on the number of administrative roles in the system. This insight paves the way for an involved heuristic that further tames the state space explosion in practical systems. Our results are also very effective when applied to policies designed under the separate administration restriction. We implement our techniques and report on experiments conducted on several realistic case studies.
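
The two abstracts above both concern user-role reachability: can the administrative actions permitted by an ARBAC policy ever give a user a role that the policy's designer intended to rule out? The following is an added example written for this listing, not code from either paper and not the VAC tool. It implements the naive, unabstracted version of the analysis under the separate-administration assumption: administrative roles are assumed to be held by someone at all times, so only the analysed user's role set is tracked, and every reachable role set is enumerated by breadth-first search. The ARBAC97-style can_assign/can_revoke rules, the role names and the "Admin" role are constructed for illustration.

```python
"""Added example (not code from the papers above or the VAC tool): user-role
reachability for a small ARBAC97-style policy.

Rules are can_assign(admin_role, precondition, target_role) and
can_revoke(admin_role, target_role). Under the separate-administration
assumption the administrative roles are assumed to be held by someone at all
times, so only the analysed user's role set is tracked. The policy, role names
and "Admin" role are constructed for illustration.
"""
from collections import deque
from typing import Dict, FrozenSet, List, Optional, Set, Tuple

Roles = FrozenSet[str]
# A precondition is a set of (role, must_be_present) pairs; False is a negative precondition.
Precondition = FrozenSet[Tuple[str, bool]]
CanAssign = Tuple[str, Precondition, str]
CanRevoke = Tuple[str, str]

ADMIN_ROLES = {"Admin"}

# Constructed toy policy. Intent: nobody should be both Supervisor and Auditor,
# and hence nobody should ever qualify for BranchManager through that route.
CAN_ASSIGN: List[CanAssign] = [
    ("Admin", frozenset({("Employee", True)}), "Teller"),
    ("Admin", frozenset({("Employee", True)}), "Auditor"),
    ("Admin", frozenset({("Teller", True), ("Auditor", False)}), "Supervisor"),
    ("Admin", frozenset({("Supervisor", True), ("Auditor", True)}), "BranchManager"),
]
CAN_REVOKE: List[CanRevoke] = [("Admin", "Teller"), ("Admin", "Auditor")]

# Hardened variant: the exclusion is stated on both rules, so neither role can
# be added after the other and the pair is never held together.
CAN_ASSIGN_HARDENED: List[CanAssign] = [
    ("Admin", frozenset({("Employee", True), ("Supervisor", False)}), "Auditor")
    if target == "Auditor" else (admin, pre, target)
    for admin, pre, target in CAN_ASSIGN
]


def precondition_holds(roles: Roles, pre: Precondition) -> bool:
    return all((role in roles) == present for role, present in pre)


def successors(roles: Roles, can_assign: List[CanAssign], can_revoke: List[CanRevoke],
               admin_roles: Set[str] = ADMIN_ROLES) -> Set[Roles]:
    """Role sets reachable from `roles` by one administrative action."""
    nxt: Set[Roles] = set()
    for admin, pre, target in can_assign:
        if admin in admin_roles and target not in roles and precondition_holds(roles, pre):
            nxt.add(roles | {target})
    for admin, target in can_revoke:
        if admin in admin_roles and target in roles:
            nxt.add(roles - {target})
    return nxt


def reachable(initial: Roles, can_assign: List[CanAssign],
              can_revoke: List[CanRevoke]) -> Dict[Roles, Optional[Roles]]:
    """Breadth-first exploration of the user's role sets.

    Returns each reachable role set mapped to its predecessor, in discovery
    order (dicts keep insertion order), so the first hit for a goal is shortest."""
    parent: Dict[Roles, Optional[Roles]] = {initial: None}
    queue = deque([initial])
    while queue:
        cur = queue.popleft()
        for nxt in successors(cur, can_assign, can_revoke):
            if nxt not in parent:
                parent[nxt] = cur
                queue.append(nxt)
    return parent


def witness(initial: Roles, goal: str, can_assign: List[CanAssign],
            can_revoke: List[CanRevoke]) -> Optional[List[Roles]]:
    """Shortest sequence of role sets from `initial` to one containing `goal`,
    or None when `goal` is unreachable, i.e. the safety property holds."""
    parent = reachable(initial, can_assign, can_revoke)
    end = next((s for s in parent if goal in s), None)
    if end is None:
        return None
    path: List[Roles] = []
    while end is not None:
        path.append(end)
        end = parent[end]
    return path[::-1]


if __name__ == "__main__":
    start: Roles = frozenset({"Employee"})
    print("reachable role sets:", len(reachable(start, CAN_ASSIGN, CAN_REVOKE)))
    for step in witness(start, "BranchManager", CAN_ASSIGN, CAN_REVOKE) or []:
        print("  ", sorted(step))
    print("hardened:", witness(start, "BranchManager", CAN_ASSIGN_HARDENED, CAN_REVOKE))
```

The original policy is unsafe even though the Supervisor rule carries a negative precondition on Auditor: preconditions are checked only at assignment time, so an Employee can become Teller, then Supervisor, then Auditor, and finally BranchManager. The hardened variant states the exclusion on both rules and the goal becomes unreachable. The enumeration is exponential in the number of roles, and without separate administration it would have to track every user who can hold an administrative role; that is exactly the blow-up the abstraction in the first paper and the bounded-user result in the second are designed to avoid.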

    Romanian public management reform: theoretical and empirical studies: vol. 1, administration and public services

    For the time being, public management reform represents the concern of most states, no matter their development level, geographical and strategic position, membership of various supranational structures or political and social organisation systems. This process represents the topic of several papers and publications of outstanding international scientists or specialised structures of international organisations, such as the OECD. In the EU Member States or acceding states, an argument for public management reform also consists in the need to align with national and regional administrations and even the European administration. In the reform process, the most visible actors are the public authorities and institutions as well as the academic environment, which at national, regional or European level has structured its own levers and mechanisms for debate and action concerning the reform mentioned. In line with the above efforts, it is worth mentioning the activity of the European Group for Public Administration (EGPA), the Network of Institutes and Schools of Public Administration in Central and Eastern Europe (NISPAcee), the International Institute of Administrative Sciences (IIAS), the European Public Law Organization (EPLO), the European Institute of Public Administration (EIPA), etc. In this respect, I have oriented my own preoccupations of analysis and research, expressed in theoretical and empirical studies, accepted with interest in prestigious regional, European or Trans-Atlantic scientific events. In the current context of developing administrative sciences in Romania, I consider that a synthesis of the main themes and outcomes is useful. They benefited from national and international recognition, being accepted at specialised events, being published or quoted. 
The contents of the current volumes focus on two important fields of research in administrative sciences: fundamental issues and developments of public administration and services, on one hand, and civil service, on the other hand. Within this broad topic, several chapters aim at and present relevant conceptual and empirical issues of the fundamental processes in national and European administration, i.e. decentralisation, setting up and asserting the European Administrative Space, or regional cooperation. Romanian experiments and practices for representing the local interests in the governmental decision-making process, partnership and local governance or universal services are in line with the European trends for developing public services. In fact, the Europeanisation of national public administrations represents both the outcome and the engine of changes in Romanian public management in the context of European integration. The first volume concludes with a broad comparative study concerning Romanian and Japanese public management. The result of a “Foreign Visiting Professor” programme at the National Institute of Multimedia Education, Japan, the study reveals the core values deriving from the culture and social organisation of two peoples with distinct history and development, values that unify and separate the national public administration systems. The conclusions of the first volume are formulated in most of the studies. They shape Romanian public administration as a developing system, open and convergent towards the European values characterising the whole European integration process. The second volume focuses on civil servants’ career and training. The Europeanisation process and the curricular harmonisation of the content and organisation of higher education in the area of administrative sciences are analysed in view of the principles of the European Higher Education Area. 
Basically, the studies describe a new method for researching and evaluating the contents of the Bachelor and Master programmes according to a set of principles promoted by European bodies, such as the European Association for Public Administration Accreditation (EAPAA). The studies represent an extension towards the pillars of a European dialogue concerning in-service training and the impact of new technologies in public organisations. Important experiences in the management and training of the Romanian civil service are approached in the context of promoting meritocratic criteria or developing the democratic mechanism, supporting the Romanian public management reform. Of course, a concrete and detailed idea of the current work cannot be formed from reading these lines alone. For those interested, it will be a major effort to cover all the topics presented. Every topic is subject to appreciation and criticism, representing the pillar of new developments. In fact, this represents one of the aims of my approach. The other aims are focused on re-launching the professional and scientific dialogue in specialised academia along the coordinates of research in the field of public management accepted at European level, ensuring enhanced internal, national and European visibility for the contributions of the Romanian public management school.

    Model-Based Analysis of Role-Based Access Control

    Model-Driven Engineering (MDE) has been extensively studied. Many directions have been explored, sometimes with the dream of providing a fully integrated approach for designers, developers and other stakeholders to create, reason about and modify models representing software systems. Most, but not all, of the research in MDE has focused on general-purpose languages and models, such as Java and UML. Domain-specific and cross-cutting concerns, such as security, are increasingly essential parts of a software system, but are only treated as second-class citizens in the most popular modelling languages. Efforts have been made to give security, and in particular access control, a more prominent place in MDE, but most of these approaches require advanced knowledge of security, programming (often declarative), or both, making them difficult to use for less technically trained stakeholders. In this thesis, we propose an approach to modelling, analysing and automatically fixing role-based access control (RBAC) that does not require users to write code or queries themselves. To this end, we use two UML profiles and associated OCL constraints that provide the modelling and analysis features. We propose a taxonomy of OCL constraints and use it to define a partial order between categories of constraints, which we use to propose strategies to speed up the models’ evaluation time. Finally, by representing OCL constraints as constraints on a graph, we propose an automated approach for generating lists of model changes that can be applied to an incorrect model in order to fix it. All these features have been fully integrated into a UML modelling IDE, IBM Rational Software Architect.
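
The thesis above evaluates constraints over an RBAC model and generates lists of model changes that repair a violating model. The following is an added example written for this listing, not the thesis's UML/OCL tooling, that shows the same two steps on a plain data model: constraints (static separation of duty and role cardinality) are evaluated with role inheritance taken into account, and for each violation the candidate changes are the direct user-role assignments whose removal resolves it. Users, roles, permissions and constraints are constructed for illustration.

```python
"""Added example (not the thesis's UML/OCL tooling): evaluating RBAC
constraints over a model and listing candidate model changes that repair
each violation. Users, roles, permissions and constraints are constructed.
"""
from copy import deepcopy
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Set, Tuple

Change = Tuple[str, str, str]  # ("unassign", user, role): drop one direct assignment


@dataclass
class RbacModel:
    users: Dict[str, Set[str]]        # user -> directly assigned roles
    hierarchy: Dict[str, Set[str]]    # senior role -> junior roles it inherits
    permissions: Dict[str, Set[str]]  # role -> directly granted permissions
    ssod: Set[FrozenSet[str]]         # static separation-of-duty pairs
    max_users: Dict[str, int]         # role -> maximum number of holders


def effective_roles(model: RbacModel, role: str) -> Set[str]:
    """The role plus everything it inherits, transitively (cycle-safe)."""
    seen: Set[str] = set()
    stack = [role]
    while stack:
        r = stack.pop()
        if r not in seen:
            seen.add(r)
            stack.extend(model.hierarchy.get(r, set()))
    return seen


def user_roles(model: RbacModel, user: str) -> Set[str]:
    return set().union(*(effective_roles(model, r) for r in model.users.get(user, set())))


def user_permissions(model: RbacModel, user: str) -> Set[str]:
    return set().union(*(model.permissions.get(r, set()) for r in user_roles(model, user)))


def check(model: RbacModel) -> List[tuple]:
    """Evaluate every constraint; roles gained through the hierarchy count."""
    violations: List[tuple] = []
    for user in sorted(model.users):
        held = user_roles(model, user)
        for pair in sorted(model.ssod, key=sorted):
            if pair <= held:
                violations.append(("ssod", user, *sorted(pair)))
    for role, bound in sorted(model.max_users.items()):
        holders = [u for u in sorted(model.users) if role in user_roles(model, u)]
        if len(holders) > bound:
            violations.append(("cardinality", role, len(holders), bound))
    return violations


def propose_fixes(model: RbacModel, violation: tuple) -> List[Change]:
    """Direct assignments whose removal resolves the violation, including
    assignments that only bring in the offending role via inheritance."""
    fixes: List[Change] = []
    if violation[0] == "ssod":
        _, user, r1, r2 = violation
        for direct in sorted(model.users[user]):
            if {r1, r2} & effective_roles(model, direct):
                fixes.append(("unassign", user, direct))
    elif violation[0] == "cardinality":
        role = violation[1]
        for user in sorted(model.users):
            for direct in sorted(model.users[user]):
                if role in effective_roles(model, direct):
                    fixes.append(("unassign", user, direct))
    return fixes


def apply_change(model: RbacModel, change: Change) -> RbacModel:
    """Return a copy of the model with one direct assignment removed."""
    op, user, role = change
    if op != "unassign":
        raise ValueError(op)
    new = deepcopy(model)
    new.users[user].discard(role)
    return new


# Constructed sample model: erin's conflict is only visible through inheritance
# (Supervisor inherits Teller), and Supervisor is over its cardinality bound.
MODEL = RbacModel(
    users={"alice": {"Teller", "Auditor"}, "bob": {"BranchManager"},
           "erin": {"Auditor", "Supervisor"}},
    hierarchy={"BranchManager": {"Supervisor"}, "Supervisor": {"Teller"}},
    permissions={"Teller": {"post_transaction"}, "Supervisor": {"approve_transaction"},
                 "Auditor": {"review_transaction"}},
    ssod={frozenset({"Teller", "Auditor"})},
    max_users={"Supervisor": 1},
)

if __name__ == "__main__":
    for v in check(MODEL):
        print(v, "->", propose_fixes(MODEL, v))
```

The point of evaluating over effective rather than direct roles is that erin never holds Teller directly; the separation-of-duty conflict is introduced by the hierarchy, which a check on direct assignments alone would miss. The proposed changes only remove assignments, so a reviewer still has to pick the one that matches the intended model; applying one fix can also resolve a second violation (dropping erin's Supervisor assignment here fixes both her conflict and the cardinality bound), which is why fixes should be re-evaluated after each change rather than applied as a batch.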

    An Approach for Managing Access to Personal Information Using Ontology-Based Chains

    The importance of electronic healthcare has caused numerous changes in both substantive and procedural aspects of healthcare processes. These changes have produced new challenges to patient privacy and information secrecy. Traditional privacy policies cannot respond to the rapidly increasing privacy needs of patients in electronic healthcare. Technically enforceable privacy policies are needed in order to protect patient privacy in modern healthcare, with its cross-organisational information sharing and decision making. This thesis proposes a personal information flow model that specifies a limited number of acts on this type of information. Ontology-classified chains of these acts can be used instead of the "intended/business purposes" used in privacy access control to seamlessly imbue current healthcare applications and their supporting infrastructure with security and privacy functionality. In this thesis, we first introduce an integrated basic architecture, design principles, and implementation techniques for privacy-preserving data mining systems. We then discuss the key methods of privacy-preserving data mining systems, of which there are four main ones: role-based access control (RBAC), the Hippocratic database, the chain method and the eXtensible Access Control Markup Language (XACML). We found that the traditional methods suffer from two main problems: the complexity of privacy policy design and the lack of context flexibility that is needed when working in critical situations such as those found in hospitals. We present and compare strategies for realising these methods. Theoretical analysis and experimental evaluation show that our new method can generate accurate data mining models and safe data access management while protecting the privacy of the data being mined. 
The experiments are comparative: they first show the ease of policy design, and then follow real scenarios to show the context flexibility of the investigated method in protecting the privacy of personal information.

    Verification of temporal-epistemic properties of access control systems

    Verification of access control systems against vulnerabilities has always been a challenging problem in the world of computer security. The complexity of security policies in large-scale multi-agent systems increases the likelihood of vulnerabilities arising from mistakes in policy definition. This thesis explores automated methods to verify temporal and epistemic properties of access control systems. While temporal property verification can reveal a considerable number of security holes, verification of epistemic properties in multi-agent systems enables us to reason about agents' knowledge in the system and hence to detect unauthorised information flow. This thesis first presents a framework for knowledge-based verification of dynamic access control policies. This framework models a coalition-based system, which evaluates whether a property or a goal can be achieved by a coalition of agents restricted by a set of permissions defined in the policy. Knowledge is restricted to the information that agents can acquire by reading system information, in order to increase time and memory efficiency. The framework has its own model-checking method and is implemented in Java and released as an open source tool named PoliVer. In order to detect information leakage as a result of reasoning, the second part of this thesis presents a complementary technique that evaluates access control policies over temporal-epistemic properties where the knowledge is gained by reasoning. We demonstrate several case studies for a subset of properties that deal with reasoning about knowledge. To increase efficiency, we develop an automated abstraction refinement technique for evaluating temporal-epistemic properties. 
For the last part of the thesis, we develop a sound and complete algorithm to identify information leakage in Datalog-based trust management systems.