Skip to Main content Skip to Navigation
Reports

Expressing access control policies with an event-based approach

Abstract : In this paper, we introduce EB3SEC. This language is used to express access control policies in information systems. Permissions and prohibitions are expressed with a class diagram. EB3SEC also includes a process algebra. This process algebra allows one to express specific constraints over permissions and prohibitions. Organizational constraints such as obligation and separation of duty are also supported by process algebra. Separation of duty constraints can be expressed at a workflow process level. Standards such as RBAC or OrBAC can be used to express the access control policy, but their derivatives can also be used. EB3SEC provide a formal language with a high level of expressiveness to describe access control policies. 1
Complete list of metadatas

Cited literature [19 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-01224645
Contributor : Régine Laleau <>
Submitted on : Wednesday, August 16, 2017 - 6:34:30 PM
Last modification on : Friday, October 4, 2019 - 1:20:46 AM
Document(s) archivé(s) le : Wednesday, January 10, 2018 - 10:29:41 AM

File

TR-LACL-2010-6.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01224645, version 1

Collections

Citation

Pierre Konopacki, Marc Frappier, Régine Laleau. Expressing access control policies with an event-based approach. [Research Report] TR-LACL-2010-6, LACL. 2010. ⟨hal-01224645⟩

Share

Metrics

Record views

114

Files downloads

154