From Formal Access Control Policies to Runtime Enforcement Aspects

机译：从正式的访问控制策略到运行时强制方面

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

We present an approach that addresses both formal specification and verification as well as runtime enforcement of RBAC access control policies including application specific constraints such as separation of duties (SoD). We introduce TemporalZ, a formal language based on Z and temporal logic, which provides domain specific predicates for expressing RBAC and SoD constraints. An aspect-oriented language with domain specific concepts for RBAC and SoD constraints is used for the runtime enforcement of policies. Enforcement aspects are automatically generated from TemporalZ specifications hence avoiding the possibility of errors and inconsistencies that may be introduced when enforcement code is written manually. Furthermore, the use of aspects ensures the modularity of the enforcement code and its separation from the business logic.

机译：我们提出了一种方法，该方法可解决RBAC访问控制策略的正式规范和验证以及运行时强制实施的问题，包括特定于应用程序的约束，例如职责分离（SoD）。我们介绍TemporalZ，这是一种基于Z和时态逻辑的形式语言，它提供了表示RBAC和SoD约束的特定领域谓词。具有针对RBAC和SoD约束的领域特定概念的面向方面的语言用于策略的运行时实施。强制方面是根据TemporalZ规范自动生成的，因此避免了手动编写强制代码时可能引入的错误和不一致的可能性。此外，各方面的使用可确保强制执行代码的模块化及其与业务逻辑的分离。

著录项

来源
《Engineering secure software and systems》|2009年|16-31|共16页
会议地点 Leuven(BE);Leuven(BE)
作者
Slim Kallel; Anis Charfi; Mira Mezini; Mohamed Jmaiel; Karl Klose;
展开▼
作者单位

Software Technology Group, Darmstadt University of Technology, Germany ReDCAD Laboratory, National Engineering School of Sfax, Tunisia;

SAP Research CEC Darmstadt, Germany;

Software Technology Group, Darmstadt University of Technology, Germany;

ReDCAD Laboratory, National Engineering School of Sfax, Tunisia;

Department of Computer Science, University of Aarhus, Denmark;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类计算机软件;
关键词

相似文献

外文文献
中文文献
专利

1. A holistic approach for access control policies: from formal specification to aspect-based enforcement [J] . Slim Kallel, Anis Charfi, Mira Mezini, International journal of information and computer security . 2009,第3a4期

机译：访问控制策略的整体方法：从正式规范到基于方面的执行
2. Fully automated runtime enforcement of component-based systems with formal and sound recovery [J] . Yliès Falcone, Mohamad Jaber International Journal on Software Tools for Technology Transfer . 2017,第3期

机译：基于组件的系统的全自动运行时实施，具有正式和完善的恢复功能
3. The Policy Machine: A novel architecture and framework for access control policy specification and enforcement [J] . Ferraiolo D., Atluri V., Gavrila S. Journal of systems architecture . 2011,第4期

机译：政策机器：用于访问控制政策规范和实施的新颖架构和框架
4. From Formal Access Control Policies to Runtime Enforcement Aspects [C] . Slim Kallel, Anis Charfi, Mira Mezini, International Symposium on Engineering Secure Software and Systems . 2009

机译：从正式访问控制策略到运行时执行方面
5. Aspect oriented programming as a formal framework for runtime monitoring. [D] . Nusayr, Amjad A. 2011

机译：面向方面的编程作为运行时监视的正式框架。
6. Perspectives of policy and political decision makers on access to formal dementia care: expert interviews in eight European countries [O] . Anja Broda, Anja Bieber, Gabriele Meyer, 2017

机译：政策和政治决策者对获得正规痴呆治疗的看法：八个欧洲国家的专家访谈
7. Runtime values driven by access control policies: statically enforced at the level of relational business tiers [O] . Pereira Óscar Mortágua, Aguiar Rui L., Santos Maribel Yasmina 2013

机译：由访问控制策略驱动的运行时值：在关系业务层级别上静态实施

From Formal Access Control Policies to Runtime Enforcement Aspects

摘要

著录项

相似文献

相关主题

期刊订阅