Expressing access control policies with an event-based approach

Abstract : In this paper, we introduce EB3SEC. This language is used to express access control policies in information systems. Permissions and prohibitions are expressed with a class diagram. EB3SEC also includes a process algebra. This process algebra allows one to express specific constraints over permissions and prohibitions. Organizational constraints such as obligation and separation of duty are also supported by process algebra. Separation of duty constraints can be expressed at a workflow process level. Standards such as RBAC or OrBAC can be used to express the access control policy, but their derivatives can also be used. EB3SEC provide a formal language with a high level of expressiveness to describe access control policies. 1
Type de document :
[Research Report] TR-LACL-2010-6, LACL. 2010
Liste complète des métadonnées

Littérature citée [19 références]  Voir  Masquer  Télécharger
Contributeur : Régine Laleau <>
Soumis le : mercredi 16 août 2017 - 18:34:30
Dernière modification le : jeudi 11 janvier 2018 - 06:19:29
Document(s) archivé(s) le : mercredi 10 janvier 2018 - 10:29:41


Fichiers produits par l'(les) auteur(s)


  • HAL Id : hal-01224645, version 1



Pierre Konopacki, Marc Frappier, Régine Laleau. Expressing access control policies with an event-based approach. [Research Report] TR-LACL-2010-6, LACL. 2010. 〈hal-01224645〉



Consultations de la notice


Téléchargements de fichiers