In access control systems, aimed at regulating the accesses to protected data and resources, a critical component is the Policy Decision Point (PDP), which grants or denies the access according to the defined policies. Due to the complexity of the standard language, it is recommended to rely on model-driven approaches which allow to overcome difficulties in the XACML policy definition. We provide in this paper a toolchain that involves a model-driven approach to specify and generate XACML policies and also enables automated testing of the PDP component. We use XACML-based testing strategies for generating appropriate test cases which are able to validate the functional aspects, constraints, permissions and prohibitions of the PDP. An experi...
Language) is a declarative access control policy language that has unique language constructs for fa...
International audienceWe present a model-based approach to testing access control requirements. By u...
Abstract. Web-based software systems are increasingly used for accessing and manipulating sensitive ...
We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control ...
While the standard language XACML is very expressive for specifying fine-grained access control poli...
Abstract — Access control requires authorization rules and constraints. To express access control po...
Context: In modern pervasive applications, it is important to validate access control mechanisms tha...
Access control policies are increasingly written in specification lan-guages such as XACML. A dedica...
We present a formal (model-based) approach to de-scribing and analysing access control policies. Thi...
Abstract. We present a formal, tool-supported approach to the design and maintenance of access contr...
We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and...
Security services are provided through: The applications, operating systems, databases, and the netw...
We present a formal, tool-supported approach to the design and maintenance of access control policie...
We introduce a UML-based notation for graphically modeling systems’ security aspects in a simple an...
With lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Languag...
Language) is a declarative access control policy language that has unique language constructs for fa...
International audienceWe present a model-based approach to testing access control requirements. By u...
Abstract. Web-based software systems are increasingly used for accessing and manipulating sensitive ...
We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control ...
While the standard language XACML is very expressive for specifying fine-grained access control poli...
Abstract — Access control requires authorization rules and constraints. To express access control po...
Context: In modern pervasive applications, it is important to validate access control mechanisms tha...
Access control policies are increasingly written in specification lan-guages such as XACML. A dedica...
We present a formal (model-based) approach to de-scribing and analysing access control policies. Thi...
Abstract. We present a formal, tool-supported approach to the design and maintenance of access contr...
We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and...
Security services are provided through: The applications, operating systems, databases, and the netw...
We present a formal, tool-supported approach to the design and maintenance of access control policie...
We introduce a UML-based notation for graphically modeling systems’ security aspects in a simple an...
With lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Languag...
Language) is a declarative access control policy language that has unique language constructs for fa...
International audienceWe present a model-based approach to testing access control requirements. By u...
Abstract. Web-based software systems are increasingly used for accessing and manipulating sensitive ...