Abstract — Access control requires authorization rules and constraints. To express access control policies, several languages, such as XACML, EPAL or PONDER, are used. These languages specify which subjects can (or cannot) access sets of resources or services to perform specific actions. A user can define several access control policies and rules, but these access control languages do not offer any mechanism to avoid conflicts and inconsistencies among them. In fact, it can happen that more than a rule or a policy, with opposite decisions, is applicable in a given context. We propose a method based on first order logic modeling to detect and visualize possible conflicts within sets of access control policies expressed in XACML. We translate...
Many languages and algebras have been proposed in recent years for the specification of authorizatio...
We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control ...
The increased awareness of the importance of data protection has made access control a relevant comp...
We present a formal (model-based) approach to de-scribing and analysing access control policies. Thi...
Abstract. In this paper we present an access control model that con-siders both abstract and concret...
A major drawback of existing access control systems is that they have all been developed with a spec...
Abstract—The advent of emerging technologies such as Web services, service-oriented architecture, an...
This report details the implementation of a program that translates access control policies written ...
Graph-based specification formalisms for Access Control (AC) policies combine the advantages of an i...
The emergence of technologies such as service-oriented architectures and cloud computing has allowed...
With the widespread use of web services, there is a need for adequate security and privacy support t...
Abstract. Many languages and algebras have been proposed in recent years for the specification of au...
We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and...
In access control systems, aimed at regulating the accesses to protected data and resources, a criti...
The goal of this thesis is to find provably correct methods for detecting conflicts between XACML ru...
Many languages and algebras have been proposed in recent years for the specification of authorizatio...
We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control ...
The increased awareness of the importance of data protection has made access control a relevant comp...
We present a formal (model-based) approach to de-scribing and analysing access control policies. Thi...
Abstract. In this paper we present an access control model that con-siders both abstract and concret...
A major drawback of existing access control systems is that they have all been developed with a spec...
Abstract—The advent of emerging technologies such as Web services, service-oriented architecture, an...
This report details the implementation of a program that translates access control policies written ...
Graph-based specification formalisms for Access Control (AC) policies combine the advantages of an i...
The emergence of technologies such as service-oriented architectures and cloud computing has allowed...
With the widespread use of web services, there is a need for adequate security and privacy support t...
Abstract. Many languages and algebras have been proposed in recent years for the specification of au...
We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and...
In access control systems, aimed at regulating the accesses to protected data and resources, a criti...
The goal of this thesis is to find provably correct methods for detecting conflicts between XACML ru...
Many languages and algebras have been proposed in recent years for the specification of authorizatio...
We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control ...
The increased awareness of the importance of data protection has made access control a relevant comp...