Handbook of graph grammars and computing by graph transformation: volume I. foundations
Handbook of graph grammars and computing by graph transformation: volume I. foundations
The object constraint language: precise modeling with UML
The object constraint language: precise modeling with UML
Handbook of graph grammars and computing by graph transformation: vol. 2: applications, languages, and tools
Alcoa: the alloy constraint analyzer
Proceedings of the 22nd international conference on Software engineering
Proceedings of the 22nd international conference on Software engineering
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A lightweight approach to specification and analysis of role-based access control extensions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A graph-based formalism for RBAC
ACM Transactions on Information and System Security (TISSEC)
Conflict Detection and Resolution in Access Control Policy Specifications
FoSSaCS '02 Proceedings of the 5th International Conference on Foundations of Software Science and Computation Structures
OCL: Syntax, Semantics, and Tools
Object Modeling with the OCL, The Rationale behind the Object Constraint Language
Engineering of role/permission assignments
Engineering of role/permission assignments
Validating UML models and OCL constraints
UML'00 Proceedings of the 3rd international conference on The unified modeling language: advancing the standard
Modular architecture for a toolset supporting OCL
UML'00 Proceedings of the 3rd international conference on The unified modeling language: advancing the standard
Consistency checking and visualization of OCL constraints
UML'00 Proceedings of the 3rd international conference on The unified modeling language: advancing the standard
Graph-based delegation authorization in workflow
CCDC'09 Proceedings of the 21st annual international conference on Chinese control and decision conference
A transformation-driven approach to the verification of security policies in web designs
ICWE'07 Proceedings of the 7th international conference on Web engineering
Model checking security policy model using both UML static and dynamic diagrams
Proceedings of the 4th international conference on Security of information and networks
A first step towards security policy compliance of connectors
FSEN'09 Proceedings of the Third IPM international conference on Fundamentals of Software Engineering
Verification of UML-Based security policy model
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part III
Specification and validation of authorisation constraints using UML and OCL
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Representation and reasoning on role-based access control policies with conceptual graphs
ICCS'06 Proceedings of the 14th international conference on Conceptual Structures: inspiration and Application
Hi-index | 0.00 |
The specification of policies is a crucial aspect in the development of complex systems, since policies control the system's behavior. In order to predict a possibly incorrect behavior of the system, it is necessary to have a precise specification of the policy, better if described in an intuitive formalism. We propose policy specifications in three modeling notations, viz. UML, Alloy and Graph Transformations, and compare them from the viewpoint of readability, verifiability as well as tool support. We use a role-based access control policy as example policy.