A holistic approach for access control policies: from formal specification to aspect-based enforcement Online publication date: Mon, 18-Jan-2010
by Slim Kallel, Anis Charfi, Mira Mezini, Mohamed Jmaiel, Andreas Sewe
International Journal of Information and Computer Security (IJICS), Vol. 3, No. 3/4, 2009
Abstract: We present in this paper a novel approach to non-functional safety properties, combining formal methods and Aspect-Oriented Programming (AOP). The approach supports both the formal specification and the enforcement of such properties through runtime monitoring. We apply our approach for security policies and especially Role-Based Access Control (RBAC) policies including application-specific constraints such as separation of duties and delegation. For formal specification, we introduce TemporalZ, a formal language based on Z and temporal logic, which provides domain specific predicates for expressing RBAC policies. For the enforcement, we generate automatically modular enforcement code out of the formal specification using the aspect-oriented language ALPHA.
Online publication date: Mon, 18-Jan-2010
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Information and Computer Security (IJICS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email email@example.com