Name
Abstract | ||
|---|---|---|
Formal security models have significantly improved the understanding of access control systems. They have influenced the way access control policies are specified and analyzed, and they provide a sound foundation for a policy's implementation. While their merits are many, designing security models is not an easy task, and their use in commercial systems is still far from everyday practice. This paper argues that model engineering principles and tools supporting these principles are important steps towards model based security engineering. It proposes a model engineering approach based on the idea that access control models share a common, model-independent core that, by core specialization and core extension, can be tailored to a broad scope of domain-specific access control models. |
Year | DOI | Venue |
|---|---|---|
2011 | 10.1007/978-3-642-25560-1_27 | ICISS |
Keywords | Field | DocType |
towards access control model,access control model,core specialization,access control system,model engineering approach,formal security model,model-independent core,model engineering principle,domain-specific access control model,access control policy,core extension | Network security policy,Security through obscurity,Software security assurance,Security engineering,Computer security,Computer science,Security service,Access control,Security policy,Computer security model | Conference |
Volume | ISSN | Citations |
7093 | 0302-9743 | 4 |
PageRank | References | Authors |
0.39 | 13 | 2 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Winfried E. Kühnhauser | 1 | 55 | 15.07 |
| Anja Pölck | 2 | 17 | 1.60 |