Graph-based specification of access control policies
نویسندگان
چکیده
منابع مشابه
Rewrite Based Specification of Access Control Policies
Data protection within information systems is one of the main concerns in computer systems security and different access control policies can be used to specify the access requests that should be granted or denied. These access control mechanisms should guarantee that information can be accessed only by authorized users and thus prevent all information leakage. We propose a methodology for spec...
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملRewriting-Based Access Control Policies
In this paper we propose a formalization of access control policies based on term rewriting. The state of the system to which policies are enforced is represented as an algebraic term, what allows to model many aspects of the policy environment. Policies are represented as sets of rewrite rules, whose evaluation produces deterministic authorization decisions. We discuss the relation between pro...
متن کاملAnalysis of Rewrite-Based Access Control Policies
The rewrite-based approach provides executable specifications for security policies, which can be independently designed, verified, and then anchored on programs using a modular discipline. In this paper, we describe how to perform queries over these rule-based policies in order to increase the trust of the policy author on the correct behavior of the policy. The analysis we provide is founded ...
متن کاملConstraints Specification in Attribute Based Access Control
Recently, attribute based access control (ABAC )has received considerable attention from the secu-rity community for its policy flexibility and dynamicdecision making capabilities. In ABAC, authoriza-tion decisions are made based on various attributesof entities involved in the access (e.g., users, sub-jects, objects, context, etc.). In an ABAC system,a proper attrib...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Computer and System Sciences
سال: 2005
ISSN: 0022-0000
DOI: 10.1016/j.jcss.2004.11.002