Michel Embe Jiague, Marc Frappier, Frédéric Gervais, Pierre Konopacki, Régine Laleau, Jérémy Milhau, Richard St-Denis


In this paper, we advocate a strong separation of four concerns of information systems: data, dynamic behavior, security data and access control behavior. We describe how to model each of these concerns using formal methods, giving an abstract specification of each part of an information system. The presented approach can be used when building a system from scratch, but it can also be applied to implement a security controller for an existing system. Properties of the system are written alongside the models and are checked against the system's models by model checking, to ensure that they hold.



Paper Citation

in Harvard Style

Embe Jiague M., Frappier M., Gervais F., Konopacki P., Laleau R., Milhau J. and St-Denis R. (2011). A FOUR-CONCERN-ORIENTED SECURE IS DEVELOPMENT APPROACH. In Proceedings of the International Conference on Security and Cryptography - Volume 1: MPEIS, (ICETE 2011), ISBN 978-989-8425-71-3, pages 464-471. DOI: 10.5220/0003619604640471
