A formal integration of access control policies into information systems

Security is a key aspect in information systems (IS) development. One cannot build a bank IS without security in mind. In medical IS, security is one of the most important features of the software. Access control is one of many security aspects of an IS. It defines permitted or forbidden execution of system's actions by a user. Between the conception of an access control policy and its effective deployment on an IS, several steps can introduce unacceptable errors. Using formal methods may be an answer to reduce errors during the modeling of access control policies. Using the process algebra EB3, one can formally model IS. Its extension, EB3SEC, was created in order to model access control policies. The ASTD notation combines Harel's Statecharts and EB3 operators into a graphical and formal notation that can be used in order to model IS. However, both methods lack tools allowing a designer to prove or verify security properties in order to validate an access control policy. Furthermore, the implementation of an access control policy must correspond to its abstract specification. This thesis defines translation rules from EB3 to ASTD, from ASTD to event-B and from ASTD to B. It also introduces a formal architecture expressed using the B notation in order to enforce a policy over an IS. This modeling of access control policies in B can be used in order to prove properties, thanks to the B prover, but also to verify properties using ProB, a model checker for B. Finally, a refinement strategy for the access control policy into an implementation is proposed. B refinements are proved, this ensures that the implementation corresponds to the initial model of the access control policy

Data and Resources

Additional Info

Field Value
Source https://theses.hal.science/tel-00674865
Author Milhau, Jérémy
Maintainer CCSD
Last Updated May 26, 2026, 13:02 (UTC)
Created May 26, 2026, 13:02 (UTC)
Identifier NNT: 2011PEST1038
Language fr
Rights https://about.hal.science/hal-authorisation-v1/
contributor Laboratoire d'Algorithmique Complexité et Logique (LACL) ; Université Paris-Est Créteil Val-de-Marne - Paris 12 (UPEC UP12)-Centre National de la Recherche Scientifique (CNRS)
creator Milhau, Jérémy
date 2011-12-12T00:00:00
harvest_object_id 9f2ab1ec-a22b-4e31-baec-7d8884d6e20c
harvest_source_id 3374d638-d20b-4672-ba96-a23232d55657
harvest_source_title test moissonnage SELUNE
metadata_modified 2026-03-30T00:00:00
set_spec type:THESE