P. Konopacki, M. Frappier, and R. Laleau, Expressing Access Control Policies with an Event-Based Approach, CAiSE Workshops, pp.607-621, 2011.
DOI : 10.1007/978-3-642-00199-4_2
URL : https://hal.archives-ouvertes.fr/hal-01224638

M. Frappier, B. Fraikin, R. Chossart, R. Chane-yack-fa, and M. Ouenzar, Comparison of Model Checking Tools for Information Systems, ICFEM, ser. Lecture Notes in Computer Science, pp.581-596, 2010.
DOI : 10.1007/978-3-642-16901-4_38

H. Belhaouari and F. Peschanski, Automated Generation of Test Cases from Contract-Oriented Specifications: A CSP-Based Approach, 2008 11th IEEE High Assurance Systems Engineering Symposium, pp.219-228, 2008.
DOI : 10.1109/HASE.2008.15
URL : https://hal.archives-ouvertes.fr/hal-01303858

Q. Ni, E. Bertino, and J. Lobo, An obligation model bridging access control policies and privacy policies, Proceedings of the 13th ACM symposium on Access control models and technologies , SACMAT '08, pp.133-142, 2008.
DOI : 10.1145/1377836.1377857
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.666.1141

N. Li and Q. Wang, Beyond separation of duty, Journal of the ACM, vol.55, issue.3, pp.1-46, 2008.
DOI : 10.1145/1379759.1379760

A. A. Kalam, S. Benferhat, A. Mì-ege, R. E. Baida, F. Cuppens et al., Organization based access control, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks, pp.120-130, 2003.
DOI : 10.1109/POLICY.2003.1206966
URL : https://hal.archives-ouvertes.fr/hal-01483818

A. Brown, S. Johnston, and K. Kelly, Using service-oriented architecture and component-based development to build web service application, 2002.

R. Reussner, I. Poernomo, and H. W. Schmidt, Reasoning about Software Architectures with Contractually Specified Components, Component-Based Software Quality, ser. LNCS, pp.287-325, 2003.
DOI : 10.1007/978-3-540-45064-1_14

T. Lodderstedt, D. A. Basin, and J. Doser, SecureUML: A UML-Based Modeling Language for Model-Driven Security, Proceedings of the 5th International Conference on The Unified Modeling Language, pp.426-441, 2002.
DOI : 10.1007/3-540-45800-X_33

K. L. Mcmillan, Symbolic model checking, 1992.

H. Belhaouari and F. Peschanki, A Constraint Logic Programming Approach to Automated Testing, ICLP, ser. LNCS, pp.754-758, 2008.
DOI : 10.1007/978-3-540-45193-8_26
URL : https://hal.archives-ouvertes.fr/hal-01303857

C. Oriat, Jartege: A Tool for Random Generation of Unit Tests for Java Classes, 2nd International Workshop on Software Quality -SOQUA'05, pp.242-256, 2005.
DOI : 10.1007/11558569_18
URL : https://hal.archives-ouvertes.fr/hal-00003466

Y. Cheon, Automated random testing to detect specificationcode inconsistencies, Proceedings of the 2007 International Conference on Software Engineering Theory and Practice, pp.112-119, 2007.

C. Pacheco and M. D. Ernst, Randoop, Companion to the 22nd ACM SIGPLAN conference on Object oriented programming systems and applications companion , OOPSLA '07, 2007.
DOI : 10.1145/1297846.1297902

Y. Ledru, A. Idani, J. Milhau, N. Qamar, R. Laleau et al., Taking into Account Functional Models in the Validation of IS Security Policies, 1st International Workshop on Information Systems Security Engineering host by CAISE, 2011.
DOI : 10.1007/978-3-642-16265-7_18
URL : https://hal.archives-ouvertes.fr/hal-00860806

M. Gogolla, F. Büttner, and M. Richters, USE: A UML-based specification environment for validating UML and OCL, Science of Computer Programming, vol.69, issue.1-3, pp.27-34, 2007.
DOI : 10.1016/j.scico.2007.01.013

D. A. Basin, M. Clavel, J. Doser, and M. Egea, Automated analysis of security-design models, Information and Software Technology, vol.51, issue.5, pp.815-831, 2009.
DOI : 10.1016/j.infsof.2008.05.011

A. Schaad and J. D. Moffett, A lightweight approach to specification and analysis of role-based access control extensions, Proceedings of the seventh ACM symposium on Access control models and technologies , SACMAT '02, pp.13-22, 2002.
DOI : 10.1145/507711.507714

J. Zao, H. Wee, J. Chu, and D. Jackson, Rbac schema verification using lightweight formal model and constraint analysis, Proceedings of the 8th ACM symposium on Access control models and technologies, 2003.

C. Yuan, Y. He, J. He, and Z. Zhou, A Verifiable Formal Specification for RBAC Model with Constraints of Separation of Duty, Information Security and Cryptology, 2006.
DOI : 10.1007/11937807_16

Y. Ledru, N. Qamar, A. Idani, J. Richier, and M. Labiadh, Validation of security policies by the animation of Z specifications, Proceedings of the 16th ACM symposium on Access control models and technologies, SACMAT '11, pp.155-164, 2011.
DOI : 10.1145/1998441.1998471
URL : https://hal.archives-ouvertes.fr/hal-00860805

D. A. Basin, S. J. Burri, and G. Karjoth, Dynamic enforcement of abstract separation of duty constraints, ESORICS, ser. Lecture Notes in Computer Science, pp.250-267, 2009.

S. Ayed, N. Cuppens-boulahia, and F. Cuppens, Managing access and flow control requirements in distributed workflows, 2008 IEEE/ACS International Conference on Computer Systems and Applications, pp.702-710
DOI : 10.1109/AICCSA.2008.4493605

P. Konopacki, H. Belhaouari, M. Frappier, and R. Laleau, Specification and Verification of Access Control Policies in EB3SEC: Work in Progress, FPS, ser, pp.227-233, 2011.
DOI : 10.1007/978-3-642-27901-0_18