Add to ORKGInternational audienceAccess control is a central issue among the overall security goals of information systems. Despite of the existence of a vast literature on the subject, it is still very hard to assure the compliance of a large existing system to a given dynamic access control policy. Based on our previous work on formal islands, we provide in this paper a systematic methodology to weave dynamic, formally specified policies on existing applications using aspect-oriented programming. To that end, access control policies are formalized using term rewriting systems, allowing us to have an agile, modular, and precise way to specify and to ensure their formal termination. These high-level descriptions are then weaved into the existing code,...
This paper presents a rule-based, domain specific language for modeling access control policies whic...
Abstract. Access-control policies have grown from simple matrices to non-trivial specifications writ...
Access control (AC) limits access to the resources of a system only to authorized entities. Given th...
AbstractIn this paper we propose a formalization of access control policies based on term rewriting....
In this paper we propose a formalization of access control policies based on term rewriting. The sta...
International audienceSecurity policies, in particular access control, are fundamental elements of c...
International audienceData protection within information systems is one of the main concerns in comp...
International audienceThe rewrite-based approach provides executable specifications for security pol...
Access control is key to limiting the actions of users in an application and attribute-based policy ...
AbstractData protection within information systems is one of the main concerns in computer systems s...
Abstract—Recently, dynamic access control models are pro-posed to restrict access domain appropriate...
We present in this paper a novel approach to non-functional safety properties, combining formal meth...
Specifying, enforcing and evolving access control policies is essential to prevent security breaches...
AbstractThe rewrite-based approach provides executable specifications for security policies, which c...
In this paper we propose a formalization of access control policies based on term rewriting. The sta...
This paper presents a rule-based, domain specific language for modeling access control policies whic...
Abstract. Access-control policies have grown from simple matrices to non-trivial specifications writ...
Access control (AC) limits access to the resources of a system only to authorized entities. Given th...
AbstractIn this paper we propose a formalization of access control policies based on term rewriting....
In this paper we propose a formalization of access control policies based on term rewriting. The sta...
International audienceSecurity policies, in particular access control, are fundamental elements of c...
International audienceData protection within information systems is one of the main concerns in comp...
International audienceThe rewrite-based approach provides executable specifications for security pol...
Access control is key to limiting the actions of users in an application and attribute-based policy ...
AbstractData protection within information systems is one of the main concerns in computer systems s...
Abstract—Recently, dynamic access control models are pro-posed to restrict access domain appropriate...
We present in this paper a novel approach to non-functional safety properties, combining formal meth...
Specifying, enforcing and evolving access control policies is essential to prevent security breaches...
AbstractThe rewrite-based approach provides executable specifications for security policies, which c...
In this paper we propose a formalization of access control policies based on term rewriting. The sta...
This paper presents a rule-based, domain specific language for modeling access control policies whic...
Abstract. Access-control policies have grown from simple matrices to non-trivial specifications writ...
Access control (AC) limits access to the resources of a system only to authorized entities. Given th...