Specification and Validation of a Security Policy Model
IEEE Transactions on Software Engineering
Tower: A Language for Role Based Access Control
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
The rcl 2000 language for specifying role-based authorization constraints
The rcl 2000 language for specifying role-based authorization constraints
Specifying and implementing security policies using lasco, the language for security constraints on objects
Hi-index | 0.00 |
Access control is the process of mediating every request to data and services maintained by a system and determining whether the request should be granted or denied. Expressiveness and flexibility are top requirements for an access control system together with, and usually in conflict with, simplicity and efficiency. In this paper, we discuss the main characteristics for access control specification languages and make a comparison on the basis of those characteristics.