Attribute-based access control (ABAC) with obligations is a new technique for achieving fine-grained access control and accountability. An obligatory ABAC system can be implemented incorrectly for various reasons, such as programming errors and incorrect access control and obligation specification. To reveal these implementation defects, this paper presents an approach to model-based testing of obligatory ABAC systems. In this approach, we first build a test model by specifying a functional model and an obligatory ABAC policy. The policy represents access control and obligation constraints on the functional model. Then we weave the policy with the functional model into an integrated model that represents both functions under test and access...
peer reviewedThe support of obligations with access control policies allows the expression of more s...
Abstract—Role-based access control (RBAC) is very widely used but has notable limitations, prompting...
Attribute based access control (ABAC) grants accesses to services based on the attributes possessed ...
Attribute-based access control (ABAC) with obligations is a new technique for achieving fine-grained...
Attribute-based access control (ABAC) is a new generation of access control techniques. It enables f...
Access control policies in software systems can be implemented incorrectly for various reasons. This...
Access control is essential for safe and secure access to software and hardware resources. Operating...
Role-based access control is an important access control method for securing computer systems. A rol...
Access control policies in software systems can be implemented incorrectly for various reasons. This...
As a new generation access control method, Attribute-Based Access Control (ABAC) has gained increasi...
Obligations are mandatory actions that users must perform, addressing access control requirements. T...
2021 Summer.Includes bibliographical references.Attribute-Based Access Control (ABAC) is a methodolo...
Access control systems are widely used means for the protection of computing systems. They are defin...
Access control systems are widely used means for the protection of computing systems. They are defin...
International audienceWe present a model-based approach to testing access control requirements. By u...
peer reviewedThe support of obligations with access control policies allows the expression of more s...
Abstract—Role-based access control (RBAC) is very widely used but has notable limitations, prompting...
Attribute based access control (ABAC) grants accesses to services based on the attributes possessed ...
Attribute-based access control (ABAC) with obligations is a new technique for achieving fine-grained...
Attribute-based access control (ABAC) is a new generation of access control techniques. It enables f...
Access control policies in software systems can be implemented incorrectly for various reasons. This...
Access control is essential for safe and secure access to software and hardware resources. Operating...
Role-based access control is an important access control method for securing computer systems. A rol...
Access control policies in software systems can be implemented incorrectly for various reasons. This...
As a new generation access control method, Attribute-Based Access Control (ABAC) has gained increasi...
Obligations are mandatory actions that users must perform, addressing access control requirements. T...
2021 Summer.Includes bibliographical references.Attribute-Based Access Control (ABAC) is a methodolo...
Access control systems are widely used means for the protection of computing systems. They are defin...
Access control systems are widely used means for the protection of computing systems. They are defin...
International audienceWe present a model-based approach to testing access control requirements. By u...
peer reviewedThe support of obligations with access control policies allows the expression of more s...
Abstract—Role-based access control (RBAC) is very widely used but has notable limitations, prompting...
Attribute based access control (ABAC) grants accesses to services based on the attributes possessed ...