Titre du Projet : Evolution et Cohérence du Contrôle d'Accès au SI

Acronyme : ECCASI

Dates : 2005-2008

Chercheurs impliqués : Stéphane Coulondre, Romuald Thion (Doctorant), Christophe Caille (stagiaire ingénieur CNAM)

Résumé :

Access control policies describe what is allowed and what is forbidden to the system users. From the introduction of access control models by US army labs in the 70's, this research area has received much attention. Their structure, formalization, semantics, management, representation, and validation have been extensively studied.
But these results are very hard to apply to modern information systems requirements. They have become hard to administrate and to assess. Each evolution or modification step is a challenge and may introduce security risks and they can hardly take into account contextual constraints (time, place, environment).

This project aim at proposing a well-founded model, that allows expressing and solving common access control administration and evolution problems. Our model has been designed expressive and evolutive enough to express a wide range of access control models. Moreover it allows coherence testing and detection of inconsistency and redundancy, either within a single model, or between source and target models when evolution is necessary.