Reasoning about XACML policies using CSP

    Research output: Chapter in Book/Report/Conference proceedingConference proceedingpeer-review

    33 Citations (Scopus)

    Abstract

    In this work we explore the use of process algebra in formalising and analysing access control policies. We do this by considering a standard access control language (XACML) and show how the core concepts in the language can be represented in CSP. We then show how properties of these policies may also be described in CSP, and how model checking may be used to verify that a policy meets the property.We further consider how we may introduce a notion of workflow into this framework, and show that a simple appreciation of the workflow context may limit the things we need to verify about a policy.
    Original languageEnglish
    Title of host publicationSWS '05 Proceedings of the 2005 workshop on Secure web services
    PublisherACM
    Pages28-35
    Number of pages8
    ISBN (Print)1-59593-234-8
    DOIs
    Publication statusPublished - 2005
    EventWorkshop on Secure Web Services - Fairfax, United States
    Duration: 11 Nov 200511 Nov 2005

    Workshop

    WorkshopWorkshop on Secure Web Services
    Abbreviated titleSWS
    Country/TerritoryUnited States
    CityFairfax
    Period11/11/0511/11/05

    Fingerprint

    Dive into the research topics of 'Reasoning about XACML policies using CSP'. Together they form a unique fingerprint.

    Cite this