A Rigorous Framework for Specification, Analysis and Enforcement of Access Control Policies
نویسندگان
چکیده
منابع مشابه
A Rigorous Framework for Specification, Analysis and Enforcement of Access Control Policies
Access control systems are widely used means for the protection of computing systems. They are defined in termsof access control policies regulating the accesses to system resources. In this paper, we introduce a formally-defined,fully-implemented framework for specification, analysis and enforcement of attribute-based access control policies.The framework rests on FACPL, a language...
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملVerification and enforcement of access control policies
Access control mechanisms protect critical resources of systems from unauthorized access. In a policy-based management approach, administrators define user privileges as rules that determine the conditions and the extent of users’ access rights. As rules become more complex, analytical skills are required to identify conflicts and interactions within the rules that comprise a system policy – es...
متن کاملThe Policy Machine: A novel architecture and framework for access control policy specification and enforcement
The ability to control access to sensitive data in accordance with policy is perhaps the most fundamental security requirement. Despite over four decades of security research, the limited ability for existing access control mechanisms to generically enforce policy persists. While researchers, practitioners and policy makers have specified a large variety of access control policies to address re...
متن کاملRewrite Based Specification of Access Control Policies
Data protection within information systems is one of the main concerns in computer systems security and different access control policies can be used to specify the access requests that should be granted or denied. These access control mechanisms should guarantee that information can be accessed only by authorized users and thus prevent all information leakage. We propose a methodology for spec...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Transactions on Software Engineering
سال: 2019
ISSN: 0098-5589,1939-3520,2326-3881
DOI: 10.1109/tse.2017.2765640