Communicating sequential processes
Communicating sequential processes
ANTLR: a predicated-LL(k) parser generator
Software—Practice & Experience
Protection and the control of information sharing in multics
Communications of the ACM
Synthesising verified access control systems in XACML
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Validated Designs For Object-oriented Systems
Validated Designs For Object-oriented Systems
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
Reasoning about XACML policies using CSP
Proceedings of the 2005 workshop on Secure web services
Towards reasonability properties for access-control policy languages
Proceedings of the eleventh ACM symposium on Access control models and technologies
Analyzing web access control policies
Proceedings of the 16th international conference on World Wide Web
Xengine: a fast and scalable XACML policy evaluation engine
SIGMETRICS '08 Proceedings of the 2008 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
PERMIS: a modular authorization infrastructure
Concurrency and Computation: Practice & Experience - UK e-Science All Hands Meeting 2006
Formal engineering of XACML access control policies in VDM++
ICFEM'07 Proceedings of the formal engineering methods 9th international conference on Formal methods and software engineering
Evaluating access control policies through model checking
ISC'05 Proceedings of the 8th international conference on Information Security
Formalising security in ubiquitous and cloud scenarios
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
Towards model-driven development of access control policies for web applications
Proceedings of the Workshop on Model-Driven Security
Science of Computer Programming
| Hi-index | 0.00 |
We propose a formal account of XACML, an OASIS standard adhering to the Policy Based Access Control model for the specification and enforcement of access control policies. To clarify all ambiguous and intricate aspects of XACML, we provide it with a more manageable alternative syntax and with a solid semantic ground. This lays the basis for developing tools and methodologies which allow software engineers to easily and precisely regulate access to resources using policies. To demonstrate feasibility and effectiveness of our approach, we provide a software tool, supporting the specification and evaluation of policies and access requests, whose implementation fully relies on our formal development.