We present a model-checking algorithm which can be used to evaluate access control policies, and a tool which implements it. The evaluation includes not only assessing whether the ...
We present a framework for evaluating and generating access control policies. The framework contains a modelling formalism called RW, which is supported by a model checking tool. ...
To increase confidence in the correctness of specified policies, policy developers can conduct policy testing by supplying typical test inputs (requests) and subsequently checking...
Abstract. An extension of the λ-calculus is proposed, to study historybased access control. It allows for security policies with a possibly nested, local scope. We define a type ...
Massimo Bartoletti, Pierpaolo Degano, Gian Luigi F...
We present a formal, tool-supported approach to the design and maintenance of access control policies expressed in the eXtensible Access Control Markup Language (XACML). Our aim is...