Browse by author
Lookup NU author(s): Dr Jeremy Bryans, Professor John Fitzgerald
We present a formal, tool-supported approach to the design and maintenance of access control policies expressed in the eXtensible Access Control Markup Language~(XACML). Our aim is to help developers evaluate the consequences of policy decisions in complex situations where security requirements change and access decisions may depend on the external dynamic environment. The approach applies the model-oriented specification language from the Vienna Development Method~(VDM++). An executable formal model of XACML access control is presented in VDM++. The use of the model to analyse and revise both policies and requirements on the environment is illustrated through an example. An approach to the practical problem of analysing access control in virtual organisations with dynamic membership and goals is proposed.
Author(s): Bryans JW, Fitzgerald JS
Publication type: Report
Publication status: Published
Series Title: School of Computing Science Technical Report Series
Year: 2007
Pages: 23
Print publication date: 01/06/2007
Source Publication Date: June 2007
Report Number: 1028
Institution: School of Computing Science, University of Newcastle upon Tyne
Place Published: Newcastle upon Tyne
URL: http://www.cs.ncl.ac.uk/publications/trs/papers/1028.pdf