Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICSE
2005
IEEE-ACM
2005
IEEE-ACM
Verification and change-impact analysis of access-control policies
Sensitive data are increasingly available on-line through the Web and other distributed protocols. This heightens the need to carefully control access to data. Control means not only preventing the leakage of data but also permitting access to necessary information. Indeed, the same datum is often treated differently depending on context. System designers create policies to express conditions on the access to data. To reduce source clutter and improve maintenance, developers increasingly use domain-specific, declarative languages to express these policies. In turn, administrators need to analyze policies relative to properties, and to understand the effect of policy changes even in the absence of properties. This paper presents Margrave, a software suite for analyzing role-based access-control policies. Margrave includes a verifier that analyzes policies written in the xacml language, translating them into a form of decision-diagram to answer queries. It also provides semantic differe...
Real-time TrafficDesigners Create Policies | ICSE 2005 | Languages General Terms | Role-based Access-control Policies | Software Engineering |
Related Content
| Added | 09 Dec 2009 |
| Updated | 09 Dec 2009 |
| Type | Conference |
| Year | 2005 |
| Where | ICSE |
| Authors | Kathi Fisler, Shriram Krishnamurthi, Leo A. Meyerovich, Michael Carl Tschantz |
Comments (0)
Researcher Info
|
