Name
Abstract | ||
|---|---|---|
Designing a security policy for an information system (IS) is a non-trivial task. Variants of the RBAC model can be used to express such policies as access-control rules associated to constraints. In this paper, we advocate that currently available tools do not take sufficiently into account the functional description of the application and its impact on authorisation constraints and dynamic aspects of security. We suggest to translate both security and functional models into a formal language, such as B, whose analysis and animation tools will help validate a larger set of security scenarios. We show how various kinds of constraints can be expressed and animated in this context. |
Year | DOI | Venue |
|---|---|---|
2011 | 10.1007/978-3-642-22056-2_62 | ADVANCED INFORMATION SYSTEMS ENGINEERING WORKSHOPS |
Keywords | Field | DocType |
RBAC,authorisation constraints,validation | Information system,Data mining,Formal language,Information security standards,Computer science,Role-based access control,Animation,Is security,Security policy,Computer security model | Conference |
Volume | ISSN | Citations |
83 | 1865-1348 | 10 |
PageRank | References | Authors |
0.67 | 23 | 7 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Yves Ledru | 1 | 110 | 9.20 |
| Akram Idani | 2 | 110 | 15.56 |
| J'er'emy Milhau | 3 | 15 | 1.13 |
| Nafees Qamar | 4 | 52 | 7.57 |
| R'egine Laleau | 5 | 15 | 1.13 |
| Jean-Luc Richier | 6 | 359 | 45.60 |
| Mohamed-Amine Labiadh | 7 | 30 | 2.49 |