Specification of Role and Attribute Transitions for Secure Information System Access

Title
Specification of Role and Attribute Transitions for Secure Information System Access
Publication Date
2012
Author(s)
Evered, Mark P
Type of document
Conference Publication
Language
en
Entity Type
Publication
Publisher
Institute of Electrical and Electronics Engineers (IEEE)
Place of publication
Los Alamitos, United States of America
DOI
10.1109/DICTAP.2012.6215380
UNE publication id
une:12048
Abstract
In this paper, we describe a formal specification language (RASP) for expressing fine-grained access control constraints in information systems. The design of the language is motivated by two HIS case studies which demonstrate the complexity of the access constraints which arise if minimal (need-to-know) access is to be strictly enforced. RASP supports modularity, parameterization, role acquisition, constraint expressions and a symmetrical approach to role transitions and attribute transitions. No existing access control specification language supports all of these complex, realistic requirements.
Link
Citation
Proceedings of the Second International Conference on Digital Information and Communication Technology and it's Applications (DICTAP), p. 230-235
ISBN
9781467307321
9781467307345
9781467307338
Start page
230
End page
235

Files:

NameSizeformatDescriptionLink