Formal Engineering of XACML Access Control Policies in VDM++

@inproceedings{Bryans2007FormalEO,
  title={Formal Engineering of XACML Access Control Policies in VDM++},
  author={Jeremy Bryans and John S. Fitzgerald},
  booktitle={ICFEM},
  year={2007}
}
We present a formal, tool-supported approach to the design and maintenance of access control policies expressed in the eXtensible Access Control Markup Language (XACML). Our aim is to help developers evaluate the consequences of policy decisions in complex situations where security requirements change and access decisions may depend on the external dynamic environment. The approach applies the model-oriented specification language from the Vienna Development Method (VDM++). An executable formal… CONTINUE READING
Highly Cited
This paper has 28 citations. REVIEW CITATIONS
18 Citations
14 References
Similar Papers

References

Publications referenced by this paper.
Showing 1-10 of 14 references

Model based analysis and validation of access control policies

  • Jeremy W. Bryans, John S. Fitzgerald, Panos Periorellis
  • Technical Report CS-TR-976,
  • 2006
1 Excerpt

Similar Papers

Loading similar papers…