Abstract
We present a formal, tool-supported approach to the design and maintenance of access control policies expressed in the eXtensible Access Control Markup Language (XACML). Our aim is to help developers evaluate the consequences of policy decisions in complex situations where security requirements change and access decisions may depend on the external dynamic environment. The approach applies the model-oriented specification language from the Vienna Development Method (VDM++). An executable formal model of XACML access control is presented in VDM++. The use of the model to analyse and revise both policies and requirements on the environment is illustrated through an example. An approach to the practical problem of analysing access control in virtual organisations with dynamic membership and goals is proposed.
| Original language | English |
|---|---|
| Title of host publication | Formal Methods and Software Engineering |
| Editors | Michael Butler, Michael G. Hinchey, María M. Larrondo-Petrie |
| Place of Publication | Berlin |
| Publisher | Springer Verlag |
| Pages | 37-56 |
| Number of pages | 20 |
| Volume | 4789 LNCS |
| ISBN (Electronic) | 978-3-540-76650-6 |
| ISBN (Print) | 978-3-540-76648-3 |
| DOIs | |
| Publication status | Published - 2007 |
| Event | International Conference on Formal Engineering Methods - Boca Raton, United States Duration: 14 Nov 2007 → 15 Nov 2007 Conference number: 9 |
Publication series
| Name | Lecture Notes in Computer Science |
|---|---|
| Publisher | Springer |
| Volume | 4789 |
Conference
| Conference | International Conference on Formal Engineering Methods |
|---|---|
| Abbreviated title | ICFEM |
| Country/Territory | United States |
| City | Boca Raton |
| Period | 14/11/07 → 15/11/07 |