Temporal logic and Z specifications
Australian Computer Journal
The temporal logic of reactive and concurrent systems
The temporal logic of reactive and concurrent systems
The Z notation: a reference manual
The Z notation: a reference manual
Enforcing trace properties by program transformation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
ACM Transactions on Information and System Security (TISSEC)
An approach to engineer and enforce context constraints in an RBAC environment
Proceedings of the eighth ACM symposium on Access control models and technologies
Specification and Classification of Role-based Authorization Policies
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Using uml to visualize role-based access control constraints
Proceedings of the ninth ACM symposium on Access control models and technologies
Verifiable composition of access control and application features
Proceedings of the tenth ACM symposium on Access control models and technologies
Implementing a modular access control service to support application-specific policies in CaesarJ
AOMD '05 Proceedings of the 1st workshop on Aspect oriented middleware development
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
A model-checking approach to analysing organisational controls in a loan origination process
Proceedings of the eleventh ACM symposium on Access control models and technologies
Combining formal methods and aspects for specifying and enforcing architectural invariants
COORDINATION'07 Proceedings of the 9th international conference on Coordination models and languages
An aspect-oriented approach to declarative access control for web applications
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Expressive pointcuts for increased modularity
ECOOP'05 Proceedings of the 19th European conference on Object-Oriented Programming
Enforcing non-safety security policies with program monitors
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Towards a formal methodology for designing multi-agent applications
MATES'05 Proceedings of the Third German conference on Multiagent System Technologies
RDyMASS: reliable and dynamic enforcement of security policies for mobile agent systems
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Hi-index | 0.00 |
We present an approach that addresses both formal specification and verification as well as runtime enforcement of RBAC access control policies including application specific constraints such as separation of duties (SoD). We introduce Temporal $\cal{Z}$, a formal language based on Z and temporal logic, which provides domain specific predicates for expressing RBAC and SoD constraints. An aspect-oriented language with domain specific concepts for RBAC and SoD constraints is used for the runtime enforcement of policies. Enforcement aspects are automatically generated from Temporal $\cal{Z}$ specifications hence avoiding the possibility of errors and inconsistencies that may be introduced when enforcement code is written manually. Furthermore, the use of aspects ensures the modularity of the enforcement code and its separation from the business logic.