| Author(s) |
Evered, Mark P
|
| Publication Date |
2012
|
| Abstract |
In this paper, we describe a formal specification language (RASP) for expressing fine-grained access control constraints in information systems. The design of the language is motivated by two HIS case studies which demonstrate the complexity of the access constraints which arise if minimal (need-to-know) access is to be strictly enforced. RASP supports modularity, parameterization, role acquisition, constraint expressions and a symmetrical approach to role transitions and attribute transitions. No existing access control specification language supports all of these complex, realistic requirements.
|
| Citation |
Proceedings of the Second International Conference on Digital Information and Communication Technology and it's Applications (DICTAP), p. 230-235
|
| ISBN |
9781467307321
9781467307345
9781467307338
|
| Link | |
| Language |
en
|
| Publisher |
Institute of Electrical and Electronics Engineers (IEEE)
|
| Title |
Specification of Role and Attribute Transitions for Secure Information System Access
|
| Type of document |
Conference Publication
|
| Entity Type |
Publication
|
| Name | Size | format | Description | Link |
|---|