The capture, deployment and enforcement of appropriate access control policies are crucial aspects of many modern software-based systems. Previously, there has been a significant amount of research undertaken with respect to the formal modelling and analysis of access control policies; however, only a limited proportion of this work has been concerned with dynamic policies. In this paper we explore techniques for the modelling, analysis and subsequent deployment of such policies - which may rely on external data. We use the Alloy modelling language to describe constraints on policies and external data; utilising these constraints, we test static instances constructed from the current state of the external data. We present Gauge, a constrain...
Abstract. Access-control policies have grown from simple matrices to non-trivial specifications writ...
Access control systems are widely used means for the protection of computing systems. They are defin...
Access control systems are widely used means for the protection of computing systems. They are defin...
In assigning access permissions to users, formal policies fill a key role in mapping access from use...
Dynamic constraints such as Separation of Duty (SoD) prevent the possibility of frauds and enable fl...
Abstract — Access control requires authorization rules and constraints. To express access control po...
The construction of secure software is a notoriously difficult task. The abstract security requireme...
We explain how a parameterized model checking technique can be exploited to mechanize the analysis o...
An access-control policy is a formal description of the privileges that users have on resources in a...
We present a formal (model-based) approach to de-scribing and analysing access control policies. Thi...
If access control policy decision points are not neatly separated from the business logic of a syste...
International audienceIf access control policy decision points are not neatly separated from the bus...
Verification and testing are the important step for software assurance. However, such crucial and ye...
Access control policies in software systems can be implemented incorrectly for various reasons. This...
International audienceIn the security domain, the access control consists in specifying who can acce...
Abstract. Access-control policies have grown from simple matrices to non-trivial specifications writ...
Access control systems are widely used means for the protection of computing systems. They are defin...
Access control systems are widely used means for the protection of computing systems. They are defin...
In assigning access permissions to users, formal policies fill a key role in mapping access from use...
Dynamic constraints such as Separation of Duty (SoD) prevent the possibility of frauds and enable fl...
Abstract — Access control requires authorization rules and constraints. To express access control po...
The construction of secure software is a notoriously difficult task. The abstract security requireme...
We explain how a parameterized model checking technique can be exploited to mechanize the analysis o...
An access-control policy is a formal description of the privileges that users have on resources in a...
We present a formal (model-based) approach to de-scribing and analysing access control policies. Thi...
If access control policy decision points are not neatly separated from the business logic of a syste...
International audienceIf access control policy decision points are not neatly separated from the bus...
Verification and testing are the important step for software assurance. However, such crucial and ye...
Access control policies in software systems can be implemented incorrectly for various reasons. This...
International audienceIn the security domain, the access control consists in specifying who can acce...
Abstract. Access-control policies have grown from simple matrices to non-trivial specifications writ...
Access control systems are widely used means for the protection of computing systems. They are defin...
Access control systems are widely used means for the protection of computing systems. They are defin...