The art of Prolog (2nd ed.): advanced programming techniques
The art of Prolog (2nd ed.): advanced programming techniques
Role-Based Access Control Models
Computer
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
A Framework for Order-Sorted Algebra
AMAST '02 Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology
Specifying and enforcing constraints in role-based access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Flexible access control policy specification with constraint logic programming
ACM Transactions on Information and System Security (TISSEC)
Resolving constraint conflicts
Proceedings of the ninth ACM symposium on Access control models and technologies
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
KNOW Why your access was denied: regulating feedback for usable security
Proceedings of the 11th ACM conference on Computer and communications security
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
Deriving Semantic Models from Privacy Policies
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Privacy APIs: Access Control Techniques to Analyze and Verify Legal Privacy Policies
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Financial Privacy Policies and the Need for Standardization
IEEE Security and Privacy
Strong and weak policy relations
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Considering privacy and effectiveness of authorization policies for shared electronic health records
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
| Hi-index | 0.00 |
Constraint systems provide techniques for automatically analyzing the conformance of low-level access control policies to high-level business rules formalized as logical constraints. However, there are likely to be priorities for solutions that are not easy to encode formally, so administrator input is often important. This paper introduces PolicyMorph, a constraint system that supports interactive development and maintenance of access control policies that respect both formalized and un-formalized business rules and priorities. We provide a mathematical description of the system and an architecture for implementing it. We constructed a prototype that is validated using a case study in which constraints are imposed on a building automation system that controls door locks. PolicyMorph advances the state-of-the-art in constraint systems by suggesting predictable policy model modifications that will resolve specific constraint violations and then allowing policy administrators to select the appropriate modifications using knowledge that is not formally encoded in the constraint system.