Synthesising verified access control systems in XACML
作者: Nan Zhang , Mark Ryan , Dimitar P. Guelev
关键词: Markup language 、 Database 、 SIMPLE (military communications protocol) 、 Programming language 、 Access control 、 Expressive language 、 XACML 、 Scripting language 、 Standard language 、 Computer science
摘要: The eXtensible Access Control Markup Language (XACML) was proposed by the OASIS committee to be used as a standard language in e-business [6]. However, policy files written XACML are hard read and analyse directly. In this paper, we present tool which generates verified scripts from access control system descriptions simple but expressive [3], admits algorithmic verification of systems against appropriately formalised policies. This allows generation for that can formally implementing relevant
core.ac.uk
acm.org
sci-hub.se 参考文章(4)
Dimitar P. Guelev, Mark Ryan, Pierre Yves Schobbens, Model-Checking Access Control Policies international conference on information security. pp. 219- 230 ,(2004) , 10.1007/978-3-540-30144-8_19
Ashok K. Chandra, Philip M. Merlin, Optimal implementation of conjunctive queries in relational data bases symposium on the theory of computing. pp. 77- 90 ,(1977) , 10.1145/800105.803397
R.S. Sandhu, E.J. Coyne, H.L. Feinstein, C.E. Youman, Role-based access control models IEEE Computer. ,vol. 29, pp. 38- 47 ,(1996) , 10.1109/2.485845
Sabrina De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati, Access control: principles and solutions Software - Practice and Experience. ,vol. 33, pp. 397- 421 ,(2003) , 10.1002/SPE.513