| Author(s) |
Evered, Mark P
|
| Publication Date |
2012
|
| Abstract |
In this paper we describe the formal specification language RASP for expressing fine-grained access control constraints in information systems.The design of the language is motivated by a number of IS case studies which demonstrate the complexity of the access constraints which arise if minimal (need-to-know) access is to be strictly enforced. RASP supports modularity, parameterization, role acquisition, constraint expressions and a symmetrical approach to role transitions and attribute transitions. No existing access control specification language supports all of these complex, realistic requirements
|
| Citation |
International Journal of Cyber-Security and Digital Forensics, 1(1), p. 1-14
|
| ISSN |
2305-0012
|
| Link | |
| Language |
en
|
| Publisher |
Society of Digital Information and Wireless Communications (SDIWC)
|
| Title |
Rationale and Design of the Access Specification Language RASP
|
| Type of document |
Journal Article
|
| Entity Type |
Publication
|
| Name | Size | format | Description | Link |
|---|