Evolving Security Requirements in Multi-Layered Service-Oriented-Architectures

This post is about a paper we presented at SETOP 2011. It basically presents the vision of the CESSA project. Authors: Muhammad Sabir Idrees, Gabriel Serme, Yves Roudier, Anderson Santana De Oliveira, Herve Grall, Mario Sudholt. Here is the abstract: Due to today’s rapidly changing corporate environments, business processes are increasingly subject to dynamic configuration and [...]

Colibri 09 presentations

Below you may find the slides for the talks I have given at the Colibri colloquium: Automating model-based software engineering David Déharbe (UFRN), Pascal Fontaine (LORIA), Stephan Merz (LORIA), Anamaria Martins Moreira (UFRN), Anderson Santana de Oliveira (UFERSA) Vérification automatique des systèmes à base de règles avec le narrowing stratégique Anderson Santana de Oliveira (UFERSA), [...]

Recent papers

I have participated in two papers that were presented at SecRet 2008: Claude Kirchner, Hélène Kirchner and Anderson Santana de Oliveira – Analysis of Rewrite-Based Access Control Policies. The rewrite-based approach provides executable specifications for security policies, which can be independently designed, verified, and then anchored on programs using a modular discipline. In this paper, [...]

PhD Thesis

My thesis defense will be on March 31st, at LORIA. For more information about the thesis, check this page: http://andersonsantana.wordpress.com/thesis-manuscript/

Weaving Rewrite-Based Access Control Policies

With Claude Kirchner, Hélène Kirchner, and Eric Ke Wang. Access control is a central issue among the overall security goals of information systems. Despite the existence of a vast literature on the subject, it is still very hard to assure the compliance of a large existing system to a given dynamic access control policy. [...]

Automated Detection of Information Leakage in Access Control

With Charles Morisset. The prevention of information flow is an important concern in several access control models. Even though this property is stated in the model specification, it is not easy to verify it in the actual implementation of a given security policy. In this paper we model-check rewrite-based implementations of access control policies. We [...]

My entry in the DBLP database

It has just been updated to join the different ways I wrote my name in the papers, so if you either search for Anderson Santana or Anderson Santana de Oliveira you will find the same thing.

Modular Access Control via Strategic Rewriting

With Daniel J. Dougherty, Claude Kirchner, Hélène Kirchner. Security policies, in particular access control, are fundamental elements of computer security. We address the problem of authoring and analyzing policies in a modular way using techniques developed in the field of term rewriting, focusing especially on the use of rewriting [...]

SecRet’06

Rewriting-Based Access Control Policies. In this paper we propose a formalization of access control policies based on term rewriting. The state of the system to which policies are enforced is represented as an algebraic term, which allows us to model several aspects of the policy environment. Policies are implemented by sets of rewrite rules, whose [...]

TFIT’06

Modular Formal Islands: Embed Theory in your Practice, with Emilie Balland, Claude Kirchner, and Pierre-Etienne Moreau. Motivated by the proliferation and usefulness of Domain Specific Languages as well as the demand in enriching well established languages by high level capabilities like modularity, pattern matching or strategic rewriting, we have introduced in previous works the Formal [...]
