PolicyDSL:基于策略元模型的通用访问控制管理

2013 IEEE 12th International Conference on Intelligent Software Methodologies, Tools and Techniques (SoMeT) Pub Date : 2013-10-24 DOI:10.1109/SoMeT.2013.6645665

Branislav Trninic, G. Sladić, Gordana Milosavljević, B. Milosavljević, Z. Konjovic

{"title":"PolicyDSL:基于策略元模型的通用访问控制管理","authors":"Branislav Trninic, G. Sladić, Gordana Milosavljević, B. Milosavljević, Z. Konjovic","doi":"10.1109/SoMeT.2013.6645665","DOIUrl":null,"url":null,"abstract":"The paper presents a generic access control management infrastructure suitable for a broad set of systems. The generic infrastructure is based on our policy metamodel (level M2), which is used for the specification of the needed policy model (level M1) such as RBAC, GTRBAC, etc. Having a defined policy model, the abstract and concrete syntaxes of PolicyDSL, our textual DSL for expressing access control policies, are dynamically generated. A security expert is then able to express the actual access control policies (level M0) for the given access control model using the generated DSL. The presented solution can be applied, with no changes, to a number of systems that are based on different access control models or their variants.","PeriodicalId":447065,"journal":{"name":"2013 IEEE 12th International Conference on Intelligent Software Methodologies, Tools and Techniques (SoMeT)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"PolicyDSL: Towards generic access control management based on a policy metamodel\",\"authors\":\"Branislav Trninic, G. Sladić, Gordana Milosavljević, B. Milosavljević, Z. Konjovic\",\"doi\":\"10.1109/SoMeT.2013.6645665\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The paper presents a generic access control management infrastructure suitable for a broad set of systems. The generic infrastructure is based on our policy metamodel (level M2), which is used for the specification of the needed policy model (level M1) such as RBAC, GTRBAC, etc. Having a defined policy model, the abstract and concrete syntaxes of PolicyDSL, our textual DSL for expressing access control policies, are dynamically generated. A security expert is then able to express the actual access control policies (level M0) for the given access control model using the generated DSL. The presented solution can be applied, with no changes, to a number of systems that are based on different access control models or their variants.\",\"PeriodicalId\":447065,\"journal\":{\"name\":\"2013 IEEE 12th International Conference on Intelligent Software Methodologies, Tools and Techniques (SoMeT)\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-10-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 IEEE 12th International Conference on Intelligent Software Methodologies, Tools and Techniques (SoMeT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SoMeT.2013.6645665\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE 12th International Conference on Intelligent Software Methodologies, Tools and Techniques (SoMeT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SoMeT.2013.6645665","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

本文提出了一种适用于多种系统的通用访问控制管理基础结构。通用基础设施基于我们的策略元模型(级别M2)，它用于指定所需的策略模型(级别M1)，如RBAC、GTRBAC等。有了已定义的策略模型，就可以动态生成PolicyDSL的抽象和具体语法(表示访问控制策略的文本DSL)。然后，安全专家能够使用生成的DSL表示给定访问控制模型的实际访问控制策略(级别M0)。本文提出的解决方案可以在不做任何更改的情况下应用于基于不同访问控制模型或其变体的许多系统。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

PolicyDSL: Towards generic access control management based on a policy metamodel

The paper presents a generic access control management infrastructure suitable for a broad set of systems. The generic infrastructure is based on our policy metamodel (level M2), which is used for the specification of the needed policy model (level M1) such as RBAC, GTRBAC, etc. Having a defined policy model, the abstract and concrete syntaxes of PolicyDSL, our textual DSL for expressing access control policies, are dynamically generated. A security expert is then able to express the actual access control policies (level M0) for the given access control model using the generated DSL. The presented solution can be applied, with no changes, to a number of systems that are based on different access control models or their variants.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2013 IEEE 12th International Conference on Intelligent Software Methodologies, Tools and Techniques (SoMeT)

自引率

0.00%

发文量