We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and intuitive way and a model-driven process that transforms graphical specifications of access control policies in XACML. These XACML policies are then translated in FACPL, a policy language with a formal semantics, and the resulting policies are evaluated by means of a Java-based software tool.

Towards model-driven development of access control policies for web applications / M. Busch; N. Koch; M. Masi; R. Pugliese; F. Tiezzi. - STAMPA. - (2013), pp. 1-6. (Intervento presentato al convegno Model-Driven Security Workshop (MDSec 2012) tenutosi a Innsbruck, Austria nel October 1, 2012) [10.1145/2422498.2422502].

Towards model-driven development of access control policies for web applications

PUGLIESE, ROSARIO;F. Tiezzi
2013

Abstract

We introduce a UML-based notation for graphically modeling systems' security aspects in a simple and intuitive way and a model-driven process that transforms graphical specifications of access control policies in XACML. These XACML policies are then translated in FACPL, a policy language with a formal semantics, and the resulting policies are evaluated by means of a Java-based software tool.
2013
Proc. of the 1st Model-Driven Security Workshop (MDSec 2012)
Model-Driven Security Workshop (MDSec 2012)
Innsbruck, Austria
October 1, 2012
M. Busch; N. Koch; M. Masi; R. Pugliese; F. Tiezzi
4a - Articolo in atti di congresso
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificatore per citare o creare un link a questa risorsa: https://hdl.handle.net/2158/777592
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 12
  • ???jsp.display-item.citation.isi??? ND
social impact