Author(s) |
Evered, Mark P
|
Publication Date |
2012
|
Abstract |
In this paper we describe the formal specification language RASP for expressing fine-grained access control constraints in information systems.The design of the language is motivated by a number of IS case studies which demonstrate the complexity of the access constraints which arise if minimal (need-to-know) access is to be strictly enforced. RASP supports modularity, parameterization, role acquisition, constraint expressions and a symmetrical approach to role transitions and attribute transitions. No existing access control specification language supports all of these complex, realistic requirements
|
Citation |
International Journal of Cyber-Security and Digital Forensics, 1(1), p. 1-14
|
ISSN |
2305-0012
|
Link | |
Language |
en
|
Publisher |
Society of Digital Information and Wireless Communications (SDIWC)
|
Title |
Rationale and Design of the Access Specification Language RASP
|
Type of document |
Journal Article
|
Entity Type |
Publication
|
Name | Size | format | Description | Link |
---|