Kallel, Slim ; Charfi, Anis ; Mezini, Mira ; Jmaiel, Mohamed ; Sewe, Andreas (2009)
A holistic approach for access control policies: from formal specification to aspect-based enforcement.
In: International Journal of Information and Computer Security, 3 (3/4)
doi: 10.1504/IJICS.2009.031044
Artikel, Bibliographie
Kurzbeschreibung (Abstract)
We present in this paper a novel approach to non-functional safety properties, combining formal methods and Aspect-Oriented Programming (AOP). The approach supports both the formal specification and the enforcement of such properties through runtime monitoring. We apply our approach for security policies and especially Role-Based Access Control (RBAC) policies including application-specific constraints such as separation of duties and delegation. For formal specification, we introduce TemporalZ, a formal language based on Z and temporal logic, which provides domain specific predicates for expressing RBAC policies. For the enforcement, we generate automatically modular enforcement code out of the formal specification using the aspect-oriented language ALPHA.
| Typ des Eintrags: | Artikel |
|---|---|
| Erschienen: | 2009 |
| Autor(en): | Kallel, Slim ; Charfi, Anis ; Mezini, Mira ; Jmaiel, Mohamed ; Sewe, Andreas |
| Art des Eintrags: | Bibliographie |
| Titel: | A holistic approach for access control policies: from formal specification to aspect-based enforcement |
| Sprache: | Englisch |
| Publikationsjahr: | 2009 |
| Verlag: | Inderscience Publishers |
| Titel der Zeitschrift, Zeitung oder Schriftenreihe: | International Journal of Information and Computer Security |
| Jahrgang/Volume einer Zeitschrift: | 3 |
| (Heft-)Nummer: | 3/4 |
| DOI: | 10.1504/IJICS.2009.031044 |
| Kurzbeschreibung (Abstract): | We present in this paper a novel approach to non-functional safety properties, combining formal methods and Aspect-Oriented Programming (AOP). The approach supports both the formal specification and the enforcement of such properties through runtime monitoring. We apply our approach for security policies and especially Role-Based Access Control (RBAC) policies including application-specific constraints such as separation of duties and delegation. For formal specification, we introduce TemporalZ, a formal language based on Z and temporal logic, which provides domain specific predicates for expressing RBAC policies. For the enforcement, we generate automatically modular enforcement code out of the formal specification using the aspect-oriented language ALPHA. |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Softwaretechnik |
| Hinterlegungsdatum: | 03 Feb 2010 13:05 |
| Letzte Änderung: | 05 Mär 2013 09:30 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum