Toggle Main Menu Toggle Search

Open Access padlockePrints

Model Based Analysis and Validation of Access Control Policies

Lookup NU author(s): Dr Jeremy Bryans, Professor John Fitzgerald, Dr Panos Periorellis



We present a model based approach to describing, analysing and validating access control policies. Access control policies are described using VDM - a model oriented formal method. Policy descriptions are concise and may be easily manipulated. The structure of the VDM description is derived from the OASIS standard access control policy language XACML. It is therefore straightforward to translate between XACML policies and their corresponding VDM models. We show how the existing tool support for VDM enables a number of ways of validating these policies, each of which are valuable at different stages of the development and maintenance life cycle.

Publication metadata

Author(s): Bryans JW, Fitzgerald JS, Periorellis P

Publication type: Report

Publication status: Published

Series Title: School of Computing Science Technical Report Series

Year: 2006

Pages: 15

Print publication date: 01/07/2006

Source Publication Date: July 2006

Report Number: 976

Institution: School of Computing Science, University of Newcastle upon Tyne

Place Published: Newcastle upon Tyne