Browse by author
Lookup NU author(s): Dr Jeremy Bryans,
Professor John Fitzgerald
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
We present a formal, tool-supported approach to the design and maintenance of access control policies expressed in the eXtensible Access Control Markup Language (XACML). Our aim is to help developers evaluate the consequences of policy decisions in complex situations where security requirements change and access decisions may depend on the external dynamic environment. The approach applies the model-oriented specification language from the Vienna Development Method (VDM++). An executable formal model of XACML access control is presented in VDM++. The use of the model to analyse and revise both policies and requirements on the environment is illustrated through an example. An approach to the practical problem of analysing access control in virtual organisations with dynamic membership and goals is proposed.
Author(s): Bryans J, Fitzgerald JS
Editor(s): Butler, M; Hinchey, MG; Larrondo-Petrie, MM
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: Formal Methods and Software Engineering: 9th International Conference on Formal Engineering Methods, ICFEM
Year of Conference: 2007
ISSN: 0302-9743 (Print) 1611-3349 (Online)
Library holdings: Search Newcastle University Library for this item
Series Title: Lecture Notes In Computer Science