Rationale and Design of the Access Specification Language RASP

Author(s)
Evered, Mark P
Publication Date
2012
Abstract
In this paper we describe the formal specification language RASP for expressing fine-grained access control constraints in information systems.The design of the language is motivated by a number of IS case studies which demonstrate the complexity of the access constraints which arise if minimal (need-to-know) access is to be strictly enforced. RASP supports modularity, parameterization, role acquisition, constraint expressions and a symmetrical approach to role transitions and attribute transitions. No existing access control specification language supports all of these complex, realistic requirements
Citation
International Journal of Cyber-Security and Digital Forensics, 1(1), p. 1-14
ISSN
2305-0012
Link
Language
en
Publisher
Society of Digital Information and Wireless Communications (SDIWC)
Title
Rationale and Design of the Access Specification Language RASP
Type of document
Journal Article
Entity Type
Publication

Files:

NameSizeformatDescriptionLink