Using alloy to analyse a spatio-temporal access control model supporting delegation

Pervasive computing applications use the knowledge of the environment to provide better services and functionality to the end user. Access control for such applications needs to use contextual information. Towards this end, we proposed an access control model based on RBAC that uses the environmental contexts time and location to determine whether a user can get access to some resource. The model also supports delegation which is important for dynamic applications where a user is unavailable and permissions may have to be transferred temporarily to another user/role in order to complete a specific task. Such a model typically has numerous features to support the requirements of various applications. The features may interact in subtle ways to produce conflicts. Here, we propose an automated approach using Alloy for detecting such conflicts. Alloy is supported by a software infrastructure that allows automated analysis of models and has been used to verify industrial applications. The results obtained from the analysis will enable the users of the model to make informed decisions.