A model-driven approach for the specification and analysis of access control policies

F. Massacci; N. Zannone

doi:10.1007/978-3-540-88873-4_11

A model-driven approach for the specification and analysis of access control policies

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

The last years have seen the definition of many languages, models and standards tailored to specify and enforce access control policies, but such frameworks do not provide methodological support during the policy specification process. In particular, they do not provide facilities for the analysis of the social context where the system operates. In this paper we propose a model-driven approach for the specification and analysis of access control policies. We build this framework on top of SI*, a modeling language tailored to capture and analyze functional and security requirements of socio-technical systems. The framework also provides formal mechanisms to assist policy writers and system administrators in the verification of access control policies and of the actual user-permission assignment. © 2008 Springer Berlin Heidelberg.

Original language	English
Title of host publication	On the Move to Meaningful Internet Systems: OTM 2008 - OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008,Proceedings
Editors	Z. Tari, R. Meersman
Publisher	Springer Verlag
Pages	1087-1103
ISBN (Print)	9783540888727
DOIs	https://doi.org/10.1007/978-3-540-88873-4_11
Publication status	Published - 2008
Externally published	Yes
Event	OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008 - , Mexico Duration: 9 Nov 2008 → 14 Nov 2008

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008
Country/Territory	Mexico
Period	9/11/08 → 14/11/08

Access to Document

10.1007/978-3-540-88873-4_11

Persistent URL (handle)

Persistent link

Cite this

Massacci, F., & Zannone, N. (2008). A model-driven approach for the specification and analysis of access control policies. In Z. Tari, & R. Meersman (Eds.), On the Move to Meaningful Internet Systems: OTM 2008 - OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008,Proceedings (pp. 1087-1103). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). Springer Verlag. https://doi.org/10.1007/978-3-540-88873-4_11

Massacci, F. ; Zannone, N. / A model-driven approach for the specification and analysis of access control policies. On the Move to Meaningful Internet Systems: OTM 2008 - OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008,Proceedings. editor / Z. Tari ; R. Meersman. Springer Verlag, 2008. pp. 1087-1103 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{be1b348cca6f4b1d87aa02b68e5cf3cd,

title = "A model-driven approach for the specification and analysis of access control policies",

abstract = "The last years have seen the definition of many languages, models and standards tailored to specify and enforce access control policies, but such frameworks do not provide methodological support during the policy specification process. In particular, they do not provide facilities for the analysis of the social context where the system operates. In this paper we propose a model-driven approach for the specification and analysis of access control policies. We build this framework on top of SI*, a modeling language tailored to capture and analyze functional and security requirements of socio-technical systems. The framework also provides formal mechanisms to assist policy writers and system administrators in the verification of access control policies and of the actual user-permission assignment. {\textcopyright} 2008 Springer Berlin Heidelberg.",

author = "F. Massacci and N. Zannone",

year = "2008",

doi = "10.1007/978-3-540-88873-4_11",

language = "English",

isbn = "9783540888727",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "1087--1103",

editor = "Z. Tari and R. Meersman",

booktitle = "On the Move to Meaningful Internet Systems: OTM 2008 - OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008,Proceedings",

note = "OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008 ; Conference date: 09-11-2008 Through 14-11-2008",

}

Massacci, F & Zannone, N 2008, A model-driven approach for the specification and analysis of access control policies. in Z Tari & R Meersman (eds), On the Move to Meaningful Internet Systems: OTM 2008 - OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008,Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer Verlag, pp. 1087-1103, OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008, Mexico, 9/11/08. https://doi.org/10.1007/978-3-540-88873-4_11

A model-driven approach for the specification and analysis of access control policies. / Massacci, F.; Zannone, N.
On the Move to Meaningful Internet Systems: OTM 2008 - OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008,Proceedings. ed. / Z. Tari; R. Meersman. Springer Verlag, 2008. p. 1087-1103 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - A model-driven approach for the specification and analysis of access control policies

AU - Massacci, F.

AU - Zannone, N.

PY - 2008

Y1 - 2008

N2 - The last years have seen the definition of many languages, models and standards tailored to specify and enforce access control policies, but such frameworks do not provide methodological support during the policy specification process. In particular, they do not provide facilities for the analysis of the social context where the system operates. In this paper we propose a model-driven approach for the specification and analysis of access control policies. We build this framework on top of SI*, a modeling language tailored to capture and analyze functional and security requirements of socio-technical systems. The framework also provides formal mechanisms to assist policy writers and system administrators in the verification of access control policies and of the actual user-permission assignment. © 2008 Springer Berlin Heidelberg.

AB - The last years have seen the definition of many languages, models and standards tailored to specify and enforce access control policies, but such frameworks do not provide methodological support during the policy specification process. In particular, they do not provide facilities for the analysis of the social context where the system operates. In this paper we propose a model-driven approach for the specification and analysis of access control policies. We build this framework on top of SI*, a modeling language tailored to capture and analyze functional and security requirements of socio-technical systems. The framework also provides formal mechanisms to assist policy writers and system administrators in the verification of access control policies and of the actual user-permission assignment. © 2008 Springer Berlin Heidelberg.

U2 - 10.1007/978-3-540-88873-4_11

DO - 10.1007/978-3-540-88873-4_11

M3 - Conference contribution

SN - 9783540888727

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 1087

EP - 1103

BT - On the Move to Meaningful Internet Systems: OTM 2008 - OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008,Proceedings

A2 - Tari, Z.

A2 - Meersman, R.

PB - Springer Verlag

T2 - OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008

Y2 - 9 November 2008 through 14 November 2008

ER -

Massacci F, Zannone N. A model-driven approach for the specification and analysis of access control policies. In Tari Z, Meersman R, editors, On the Move to Meaningful Internet Systems: OTM 2008 - OTM 2008 Confederated International Conferences CoopIS, DOA, GADA, IS, and ODBASE 2008,Proceedings. Springer Verlag. 2008. p. 1087-1103. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-540-88873-4_11

A model-driven approach for the specification and analysis of access control policies

Abstract

Publication series

Conference

Access to Document

Persistent URL (handle)

Fingerprint

Cite this