Rationale and Design of the Access Specification Language RASP
نویسنده
چکیده
In this paper we describe the formal specification language RASP for expressing fine-grained access control constraints in information systems. The design of the language is motivated by a number of IS case studies which demonstrate the complexity of the access constraints which arise if minimal (need-to-know) access is to be strictly enforced. RASP supports modularity, parameterization, role acquisition, constraint expressions and a symmetrical approach to role transitions and attribute transitions. No existing access control specification language supports all of these complex, realistic requirements.
منابع مشابه
A Formal Semantic Model for the Access Specification Language RASP
The access specification language RASP extends traditional role-based access control (RBAC) concepts to provide greater expressive power often required for fine-grained access control in sensitive information systems. Existing formal models of RBAC are not sufficient to describe these extensions. In this paper, we define a new model for RBAC which formalizes the RASP concepts of controlled role...
متن کاملAn introduction to tag sequence grammars and the RASP system parser
This report describes the tag sequence grammars released as part of the Robust Accurate Statistical Parsing (RASP) system. It is intended to help users of RASP understand the linguistic and engineering rationale behind the grammars and prepare them to customize the system for their application. It also contains a fairly exhaustive list of references to extant work utilizing the RASP parser.
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملAn automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
متن کاملDesigning a Language for Spatial Computing
We present the design rationale underlying a language for spatial computing and sketch a prototypical implementation in Python. The goal of this work is to provide a high-level language for spatial computing that is executable on existing commercial and open source spatial computing platforms, particularly Geographic Information Systems (GIS). The key idea of the approach is to target an abstra...
متن کامل