Abstract | ||
---|---|---|
Access control policies are a crucial aspect of many security-critical software systems. It is generally accepted that the construction of access control policies is not a straightforward task. Further, any mistakes in the process have the potential to give rise both to security risks, due to the provision of inappropriate access, and to frustration on behalf of legitimate end-users when they are prevented from performing essential tasks. In this paper we describe a tool for constructing role-based access control (RBAC) policies, which are automatically checked for conformance with constraints described using predicate logic. These constraints may represent general healthiness conditions that should hold of all policies conforming to a general model, or capture requirements pertaining to a particular deployment. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1007/978-3-642-19125-1_2 | ESSoS |
Keywords | DocType | Volume |
general model,crucial aspect,particular deployment,legitimate end-users,automatic conformance checking,role-based access control policy,essential task,inappropriate access,access control policy,general healthiness condition,predicate logic,role-based access control,role based access control,software systems | Conference | 6542 |
ISSN | Citations | PageRank |
0302-9743 | 4 | 0.48 |
References | Authors | |
19 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
David Power | 1 | 124 | 16.71 |
Mark Slaymaker | 2 | 119 | 15.44 |
Andrew Simpson | 3 | 282 | 49.37 |